11 tools from the Renovate MCP Server, categorised by risk level.
View the Renovate policy →check_setup Report whether the Renovate CLI and config validator are reachable, their versions, and any env overrides in effect. Call this first when other too... get_version Report the renovate-mcp server version and whether it's a released build (running from node_modules) or a local/dev build (typically launched via `... read_config Locate and parse the Renovate configuration in a repository. Searches for renovate.json, renovate.json5, .renovaterc(.json|.json5), .github/renovat... validate_config Validate a Renovate configuration against the official schema using renovate-config-validator. Pass either configPath (file on disk) or configConte... resolve_config Expand every preset referenced by `extends` and return the fully resolved config. Built-in presets resolve offline against the committed catalogue.... write_config Write a Renovate config to disk. Runs renovate-config-validator first — refuses to write if validation fails unless force=true (which additionally ... dry_run Run Renovate in dry-run mode to preview what it would do — no PRs opened, no git pushes. Returns a structured JSON report plus a top-level `ok` boo... dry_run_diff Compute a semantic diff between two `dry_run` reports — the proposed updates that were added, removed, or changed. Stateless: pass both reports as ... explain_config Inverse of resolve_config: walk the same preset tree, but annotate every leaf field with the chain of presets that touched it. Each leaf in `explan... lint_config Run a semantic lint pass over a Renovate config. Complements validate_config: schema validation catches structural bugs, this catches Renovate-spec... preview_custom_manager Preview a Renovate `customManagers` entry against a local repo — fast, offline, no `renovate` invocation. Designed for iterating on a regex: shows ... The Renovate MCP server exposes 11 tools across 3 categories: Read, Write, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Renovate server.
Renovate tools are categorised as Read (4), Write (2), Execute (5). Each category has a recommended default policy.
Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.