stumason / laravel-kick
Secure remote introspection and control for Laravel applications via HTTP API and MCP
Installs: 123
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 0
Forks: 0
Open Issues: 3
pkg:composer/stumason/laravel-kick
Requires
- php: ^8.4
- illuminate/contracts: ^12.0
- illuminate/support: ^12.0
- laravel/mcp: ^0.5.2
Requires (Dev)
- larastan/larastan: ^3.0
- laravel/pint: ^1.18
- orchestra/testbench: ^10.0
- pestphp/pest: ^3.0
- pestphp/pest-plugin-laravel: ^3.0
- dev-main
- v0.4.0
- v0.3.1
- v0.3.0
- v0.2.0
- v0.1.1
- v0.1.0
- dev-dependabot/github_actions/actions/setup-node-6
- dev-dependabot/github_actions/actions/upload-pages-artifact-4
- dev-feature/docs
- dev-feature/memory-efficient-log-reader
- dev-feature/pii-scrubber
- dev-feature/mcp-tools
- dev-dependabot/github_actions/actions/cache-5
- dev-dependabot/github_actions/actions/checkout-6
This package is auto-updated.
Last update: 2026-01-26 10:16:08 UTC
README
MCP server and REST API for Laravel application introspection.
Connect your MCP client directly to your Laravel app. Check health, read logs, inspect queues, run commands - all through natural conversation.
Installation
composer require stumason/laravel-kick
Add to .env:
KICK_ENABLED=true KICK_TOKEN=your-secure-random-token
MCP Setup
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"my-app": {
"command": "npx",
"args": [
"mcp-remote@latest",
"https://your-app.com/mcp/kick",
"--transport",
"http-only",
"--header",
"Authorization:${AUTH_HEADER}"
],
"env": {
"AUTH_HEADER": "Bearer your-kick-token"
}
}
}
}
Then ask the LLM:
- "Check the health of my app"
- "Show me the last 20 ERROR entries in the logs"
- "What's failing in the queue?"
- "Clear the config cache"
Available Tools
| Tool | Description |
|---|---|
kick_health |
Database, cache, storage, redis connectivity |
kick_stats |
CPU, memory, disk, uptime |
kick_logs_list |
List log files |
kick_logs_read |
Read logs with filtering |
kick_queue_status |
Queue overview, failed jobs |
kick_queue_retry |
Retry failed jobs |
kick_artisan_list |
List available commands |
kick_artisan_run |
Execute whitelisted commands |
REST API
The same functionality is available via HTTP:
curl -H "Authorization: Bearer $TOKEN" https://app.com/kick/health curl -H "Authorization: Bearer $TOKEN" https://app.com/kick/stats curl -H "Authorization: Bearer $TOKEN" "https://app.com/kick/logs/laravel.log?level=ERROR" curl -X POST -H "Authorization: Bearer $TOKEN" -d '{"command":"cache:clear"}' https://app.com/kick/artisan
See the API documentation for all endpoints.
Security
- Disabled by default (
KICK_ENABLED=false) - Token-based authentication with scopes
- Artisan command whitelist
- Path traversal protection
- Automatic PII scrubbing from logs
Requirements
- PHP 8.4+
- Laravel 12
License
MIT