mcp-gopls
mcp-gopls is a Model Context Protocol (MCP) server that wraps Go’s gopls (LSP) to provide AI clients with Go code intelligence and tooling over MCP: navigation (definitions/references), editor features (hover/completion/format/rename/code actions), and Go commands (go test with coverage, go mod tidy, govulncheck, module graph), plus MCP resources/prompts and progress notifications for long-running operations.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
No network/TLS or auth model is described; it appears designed for local execution via stdio. Risk is primarily from executing Go tooling (subprocesses) and reading the mounted workspace; ensure the runtime environment is trusted and restrict filesystem access accordingly. Dependency hygiene is unknown from provided content; scores are conservative.
⚡ Reliability
Best When
You want an AI IDE/agent to act like an LSP-powered Go coding assistant, with the ability to also run common Go tooling against a local workspace.
Avoid When
You cannot trust the client environment that will access your local filesystem/workspace, or you need fine-grained authorization/audit trails for each operation.
Use Cases
- • Go workspace navigation and code understanding via AI (definitions, references, workspace symbols)
- • AI-assisted Go diagnostics/triage using cached diagnostics + summarization prompts
- • AI-assisted code editing workflows (format, rename, code actions) through MCP
- • Automated Go test/coverage runs initiated from an agent, with streamed progress
- • Dependency management and security checks triggered from an agent (go mod tidy, go mod graph, govulncheck)
Not For
- • Secured, multi-tenant remote API access to private data (it appears intended to run locally/with a mounted workspace)
- • Public-facing web services requiring authentication/authorization for each request
- • Environments that cannot run Go/gopls tooling or that forbid spawning subprocesses for go/govulncheck commands
Interface
Authentication
The README focuses on running the server locally (stdio/command invocation) and configuring workspace/tooling; no authentication/authorization scheme is documented for MCP requests.
Pricing
Open-source; no pricing model described in the provided content.
Agent Metadata
Known Gotchas
- ⚠ Long-running tools emit notifications/progress; agents should handle concurrent runs using the namespaced progress token scheme mentioned in README to avoid 'unknown token' errors.
- ⚠ Some tools rely on cached diagnostics (check_diagnostics/run_go_test -> summarize_diagnostics prompt). Agents should call the prerequisite tool first.
- ⚠ Operations may require access to the provided workspace path; incorrect --workspace can lead to empty/failed results.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-gopls.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.