# UnifyMCP for Autonomous Agents and LLMs

Welcome to the UnifyMCP agent protocol documentation. If you are a Language Model (LLM) or autonomous agent reading this, this document contains everything you need to interact with the UnifyMCP gateway.

## What is UnifyMCP?

UnifyMCP is a universal Model Context Protocol (MCP) gateway that connects AI agents to multiple backend systems through a single endpoint. It transforms Git repositories, cloud storage, container infrastructure, and private knowledge bases into live, queryable tool targets.

## Available Providers

### Knowledge Vault (Always Active)
Search and retrieve from private Markdown repositories. No configuration required.

| Tool | Tier | Description |
|------|------|-------------|
| `search_notes` | Read | Full-text search across vault notes. Provide specific keywords. |
| `fetch_note` | Read | Retrieve exact markdown content by file path. |

### Git / GitHub (Requires Configuration)
Repository management via the GitHub REST API. Provide a Personal Access Token to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `git_list_repos` | Read | List repositories for the authenticated user |
| `git_get_file` | Read | Read a file from a repo at a given ref |
| `git_search_code` | Read | Search code across repos |
| `git_list_branches` | Read | List branches for a repository |
| `git_get_diff` | Read | Diff between two refs |
| `git_list_commits` | Read | Recent commits with messages and authors |
| `git_create_branch` | Write | Create a branch from a ref |
| `git_commit_file` | Destructive | Create or update a file via commit |
| `git_create_pull_request` | Write | Open a PR between branches |

### Nextcloud (Requires Configuration)
File management via WebDAV. Provide URL, username, and password to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `nc_list_files` | Read | List files and folders at a path |
| `nc_read_file` | Read | Download and return file content |
| `nc_search_files` | Read | Search files by name pattern |
| `nc_upload_file` | Write | Upload or overwrite a file |
| `nc_delete_file` | Destructive | Delete a file or folder |
| `nc_move_file` | Write | Move or rename a file |

### Docker (Local Socket Only)
Container management via the Docker Engine API. Only available when a local Docker socket is detected.

| Tool | Tier | Description |
|------|------|-------------|
| `docker_list_containers` | Read | List containers with status |
| `docker_inspect_container` | Read | Detailed container info |
| `docker_list_images` | Read | List available images |
| `docker_container_logs` | Read | Fetch recent logs |
| `docker_start_container` | Write | Start a stopped container |
| `docker_stop_container` | Destructive | Stop a running container |
| `docker_restart_container` | Write | Restart a container |
| `docker_exec_command` | Destructive | Execute a command inside a container |

### Atlassian (Jira & Confluence) (Requires Configuration)
Jira and Confluence management via REST API. Provide `domain`, `email`, and `api_token` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `jira_search_issues` | Read | Search for Jira issues using JQL |
| `jira_get_issue` | Read | Get detailed info about a Jira issue |
| `confluence_search_pages` | Read | Search Confluence for pages using CQL |
| `jira_create_issue` | Write | Create a new Jira issue |
| `jira_add_comment` | Write | Add a comment to an existing Jira issue |
| `jira_transition_issue` | Write | Change the status of a Jira issue |

### Linear (Requires Configuration)
Linear issue management. Provide an `api_key` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `linear_search_issues` | Read | Search for issues in Linear |
| `linear_list_projects` | Read | List accessible projects in Linear |
| `linear_create_issue` | Write | Create a new Linear issue |
| `linear_update_issue_status` | Write | Change the state/status of a Linear issue |
| `linear_add_comment` | Write | Add a comment to a Linear issue |

### monday.com (Requires Configuration)
Board and item management via GraphQL. Provide an `api_token` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `monday_list_boards` | Read | List boards in the monday.com account |
| `monday_get_items` | Read | Get items (rows) from a specific board |
| `monday_create_item` | Write | Create a new item (row) on a board |
| `monday_update_item` | Write | Update column values for an existing item |

### HubSpot (Requires Configuration)
CRM management for contacts, tasks, and notes. Provide an `access_token` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `hubspot_search_contacts` | Read | Search for contacts in HubSpot by name or property |
| `hubspot_get_company` | Read | Get details for a specific Company by ID |
| `hubspot_create_task` | Write | Create a new CRM task (Engagement) |
| `hubspot_add_note` | Write | Add a new note to a contact or company record |

### Stripe (Requires Configuration)
Financial insights and operations. Provide a `secret_key` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `stripe_list_customers` | Read | Search for Stripe customers by email |
| `stripe_list_invoices` | Read | List recent invoices for a specific customer ID |
| `stripe_get_payment_intent` | Read | Retrieve details of a specific Payment Intent |
| `stripe_issue_refund` | Destructive | Issue a refund for a charge (requires confirmation) |

### TrueNAS (Requires Configuration)
Storage and dataset insights. Provide `url` and `api_key` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `truenas_get_pool_health` | Read | Read the health and status of TrueNAS storage pools |
| `truenas_list_shares` | Read | List TrueNAS shares (SMB/NFS) and their paths |
| `truenas_list_snapshots` | Read | List ZFS snapshots on the specified pool or dataset |
| `truenas_create_snapshot` | Write | Create a ZFS snapshot for a dataset |
| `truenas_rollback_snapshot` | Destructive | Rollback a ZFS dataset to a specific snapshot |

### Proxmox VE (Requires Configuration)
Virtualization and container lifecycle. Provide `url` and `api_token` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `proxmox_get_cluster_health` | Read | Read the health and status of the Proxmox cluster nodes |
| `proxmox_list_vms` | Read | List all VMs and LXC containers across the cluster |
| `proxmox_vm_snapshot` | Write | Create a snapshot of a VM or LXC container |
| `proxmox_vm_start` | Write | Start a VM or LXC container |
| `proxmox_vm_stop` | Destructive | Hard-stop a VM or LXC container |

### Home Assistant (Requires Configuration)
Smart home insights. Provide `url` and `api_token` to activate. Sensitive domains are restricted.

| Tool | Tier | Description |
|------|------|-------------|
| `ha_get_states` | Read | Read the current state of home automation entities |
| `ha_call_service` | Write | Call a standard Home Assistant service (e.g. lights, switches) |
| `ha_call_sensitive_service` | Destructive | Call restricted services (locks, garage doors, alarm panels) |

### Portainer (Requires Configuration)
Container fleet visibility. Provide `url` and `api_token` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `portainer_list_endpoints` | Read | List available Portainer environments/endpoints |
| `portainer_list_stacks` | Read | List Docker Compose/Swarm stacks in an environment |
| `portainer_stop_stack` | Destructive | Stop a running stack |
| `portainer_restart_stack` | Write | Safe restart of a running stack |

### OPNsense (Requires Configuration)
Gateway and firewall insights. Provide `url`, `api_key`, and `api_secret` to activate.

| Tool | Tier | Description |
|------|------|-------------|
| `opnsense_get_status` | Read | Get system status and telemetry from the OPNsense gateway |
| `opnsense_check_firmware` | Read | Check for available OPNsense firmware updates |
| `opnsense_toggle_rule` | Destructive | Enable or disable a specific firewall rule |

## Safety Tiers

Every tool carries a safety tier that determines execution behavior:

- **Read**: No side effects. Executes immediately.
- **Write**: Creates or modifies resources. The agent should disclose intent.
- **Destructive**: Irreversible mutations. Returns a `confirmation_id` instead of executing. You must relay the confirmation to the user and call `confirm_action` with the ID after approval.

## System Tools

| Tool | Description |
|------|-------------|
| `configure_provider` | Supply credentials for a provider (git, nextcloud, docker, atlassian, linear, monday, hubspot, stripe, truenas, proxmox, homeassistant, portainer, opnsense). Credentials are held in session memory only. |
| `confirm_action` | Confirm a pending destructive action using its confirmation_id. |
| `get_session_audit` | Retrieve the audit log of all tool invocations in this session. |

## How to Configure a Provider

1. Call `configure_provider` with the provider ID and credentials object.
2. Example for Git: `configure_provider({ provider: "git", credentials: { token: "ghp_xxx" } })`
3. Example for Nextcloud: `configure_provider({ provider: "nextcloud", credentials: { url: "https://cloud.example.com", username: "user", password: "app-password" } })`
4. Example for Proxmox: `configure_provider({ provider: "proxmox", credentials: { url: "https://pve:8006", api_token: "root@pam!id=secret" } })`
4. Once configured, the provider's tools become available in the tool listing.

## Credential Security

- Credentials are held in session memory only and never written to disk, database, or logs.
- When the SSE session closes, all credentials are destroyed.
- UnifyMCP has zero access to user credentials at rest.
- Users can revoke access at the source (GitHub token, Nextcloud app password) at any time.

## Connectivity

- **Domain:** `https://vaultmind.zionxai.com`
- **Protocol:** Standard SSE via MCP SDK.