burrow/services/mcp-hub/README.md
Conrad Kramer 002bd382e9
Some checks failed
Cache: Publish Nix / Publish Nix Cache (push) Waiting to run
Build Rust / Cargo Test (push) Successful in 4m14s
Build Site / Next.js Build (push) Failing after 6s
Infra: OpenTofu / OpenTofu (grafana) (push) Successful in 5s
Lint Governance / BEP Metadata (push) Successful in 0s
Build: Android / Android Rust Core Stub (push) Failing after 23s
Wire Forge-native release infrastructure
2026-06-07 05:51:12 -07:00

962 B

Burrow MCP Hub Extraction

This directory is the in-repo extraction plan for a dedicated MCP hub repository.

Target repository:

compatible.systems/burrow/mcp-hub

The hub should expose Burrow-operated tools for:

  • Authentik users, groups, OIDC, SAML, SCIM, and WIF applications
  • OpenBao mounts, policies, AppRole, and secret-read workflows
  • Google KMS key catalog, public-key export, and signing readiness
  • Forgejo workflow dispatch, runner identity, and Namespace runner status
  • Grafana dashboard and alert checks
  • Jitsi meeting readiness and service health
  • mail and webmail readiness after the Stalwart phase starts
  • release signing, store upload readiness, and distribution metadata checks
  • agent identity inventory derived from contributors.nix

The hub must keep identity and authorization explicit. Agent identities should be named, attributable, and backed by Authentik/WIF or OpenBao AppRole rather than static shared tokens.