{"id":"freelancer-phabricator-mcp","name":"phabricator-mcp","homepage":"https://freelancer.github.io/phabricator-mcp/","repo_url":"https://github.com/freelancer/phabricator-mcp","category":"devtools","subcategories":[],"tags":["mcp","model-context-protocol","phabricator","conduit-api","typescript","stdio","code-review","tasks","devtools"],"what_it_does":"phabricator-mcp is an MCP (Model Context Protocol) server that wraps Phabricator's Conduit API, exposing MCP tools for interacting with tasks (Maniphest), code reviews/diffs (Differential), repositories and file contents (Diffusion), users, projects, pastes, wiki (Phriction), blogs (Phame), transactions, uploads/files, builds (Harbormaster), owners, activity feed, chat threads (Conpherence), audits, and PHID lookup—via stdio MCP transport.","use_cases":["Search and manage Phabricator tasks (query, create, edit, comment)","Perform code review workflows (search revisions, inspect diffs, add inline comments, accept/reject/abandon)","Browse repositories and retrieve file contents/history/code search","Query builds and build logs for revisions/diffs","Look up users/projects/PHIDs and query recent activity","Read/write collaboration artifacts like wiki pages, pastes, and blog posts","Use an LLM/MCP client to execute Phabricator workflows from natural language"],"not_for":["Public-facing or high-risk automation without careful tool permissioning (it can support write operations)","Environments that require OAuth-style authentication or federated identity (it uses Conduit API tokens)","Use cases needing a web REST/GraphQL API or webhooks from this package (it is primarily an MCP server)"],"best_when":"You want a local/agent-driven integration that can translate natural language into specific, allowlisted Phabricator Conduit actions using MCP tools.","avoid_when":"You cannot securely handle long-lived Conduit API tokens or cannot restrict tool permissions to read-only operations for untrusted agent workflows.","alternatives":["Direct use of Phabricator Conduit API (REST-like JSON over HTTP) from your application","Arcanist/Phabricator CLI tooling for specific workflows (where available) instead of MCP","Other MCP servers that wrap different Phabricator integrations (if available)"],"af_score":60.5,"security_score":55.8,"reliability_score":32.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:39:01.873836+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Phabricator Conduit API token (PHABRICATOR_API_TOKEN)"],"oauth":false,"scopes":false,"notes":"Authentication is performed via a Phabricator Conduit API token configured via PHABRICATOR_API_TOKEN or read from ~/.arcrc. MCP-side tool permissions (e.g., Claude allowlist) are used for controlling which MCP tools can be called, but this is not the same as OAuth scopes."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information is provided for the server package itself (MIT-licensed open source). Runtime costs depend on your Phabricator instance and LLM/MCP client usage."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":60.5,"security_score":55.8,"reliability_score":32.5,"mcp_server_quality":80.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":20.0,"tls_enforcement":70.0,"auth_strength":60.0,"scope_granularity":30.0,"dependency_hygiene":45.0,"secret_handling":70.0,"security_notes":"Uses a Phabricator Conduit API token for authentication (no OAuth). The README recommends allowlisting read-only MCP tools to reduce risk. Rate-limit and error-handling behaviors are not documented here. Dependency and CVE posture cannot be confirmed from provided data.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":45.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"No explicit idempotency guarantees are described in the README; many tools are write-capable (create/edit/comment), so retries could produce duplicates unless the MCP client/server implements safeguards internally (not documented here).","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Write-capable tools exist; clients like Claude may prompt for permissions—use allowlists to restrict to read-only where appropriate","Authentication uses a Conduit token; mishandling tokens can grant broad access depending on token permissions","Tool naming/permissions must match the MCP client’s allowlist format (example uses mcp__phabricator__<tool_name>)"]}}