CompetLab MCP Server
What it is
The CompetLab MCP Server is the agent-facing surface of CompetLab. CompetLab tracks where you stand across the AI engines — ChatGPT, Claude, Gemini — and the whole competitive picture around them, then hands you a monthly Strategic Briefing on what to do about it. The MCP server puts that same intelligence one tool call away from any AI agent: connect once, and your assistant can read your dimensions, competitors, alerts, and briefing in the flow of a conversation, with no integration code to write.
This is CompetLab as infrastructure — the intelligence flowing into the tools you and your agents already use, rather than one more dashboard to open. If you’re wiring CompetLab into an assistant or an agent workflow, this is the shortest path in. For server-to-server automation on a schedule, reach for the REST API instead; it’s the same data underneath.
What it exposes
The server exposes 33 tools — and only tools. There are no MCP resources and no prompts; everything is a callable tool that maps to a real CompetLab capability. The tools fall into a few clear areas:
| Area | Tools | What they do |
|---|---|---|
| Projects | 2 | List your projects; get one project’s setup and freshness. |
| Competitors | 2 | List the competitors in a project; get one competitor’s detail. |
| AI Visibility | 4 | Your AI Visibility Score dashboard, history, a single check’s detail, and provider trends. |
| Positioning | 3 | Positioning dashboard, history, and one run’s detail. |
| Pricing | 3 | Pricing dashboard, history, and one run’s detail. |
| Content | 4 | Content dashboard, history, run detail, and the content changelog. |
| Tech & Trust | 3 | Tech & Trust dashboard, history, and one run’s detail. |
| Alerts | 1 | List alerts, filtered by dimension and severity. |
| Schedules | 1 | List your monitoring schedules. |
| Strategic Briefing | 1 | Pull your Strategic Briefing. |
| Free Tools | 9 | Run the public scans — sitemap, AI-crawler check, URL fetch, and start/get for the tech-stack, trust-signals, and agent-adoption scans. |
The five dimension areas — AI Visibility, Positioning, Pricing, Content, and Tech &
Trust — are the five dimensions CompetLab monitors continuously. The get_briefing
tool returns the full Strategic Briefing, which is broader: 13 dimensions in all — the 5
monitored, plus 8 researched dimensions for the monthly briefing. Every
tool, with its parameters and an example, is in the tool reference.
How it works
The server is a thin, stateless proxy in front of the CompetLab REST API. When your agent calls a tool, the server takes the API key you sent, forwards the request to the same backend that powers the dashboards, and returns the result inline for the model to reason over. It keeps no session and holds no key of its own — each request stands on its own.
Your AI agent
│ Streamable HTTP + CL-API-Key
▼
mcp.competlab.com/mcp (stateless proxy — forwards your key per request)
│ HTTPS
▼
CompetLab REST API
→ your projects & competitors
→ the 5 monitored dimensions
→ the Strategic BriefingBecause it’s stateless, there’s no connect-and-stay handshake to manage and nothing to keep warm — the key travels with every call. And because it sits on top of the REST API, the data you get through a tool is the same data the REST API and the app return.
Authentication
Every call needs a CompetLab API key. Keys start with cl_live_ and are 40 characters
long. You provide the key in one of two ways:
| Method | Where the key goes | Use it when |
|---|---|---|
CL-API-Key header | An HTTP header on each request | Your client can send custom headers (Claude Code, Cursor, VS Code, Windsurf, Cline). |
?api_key= query parameter | On the server URL itself | Your client can’t send custom headers — Claude on the web is the main case. |
If both are present, the header wins. Create and manage keys in your CompetLab organization settings (up to five active keys per organization). The step-by-step setup for each client — including the key-in-URL path for Claude on the web — is in the Connect guide.
Endpoints and discovery
Beyond the tool endpoint, the server publishes a discovery card and a health check:
| Endpoint | Method | Purpose |
|---|---|---|
/mcp | POST | The MCP Streamable HTTP endpoint your client calls. |
/.well-known/mcp/server-card.json | GET | Public discovery card — capabilities and the advertised tool list. |
/health | GET | Liveness, plus whether the upstream API is reachable. |
The discovery card is public and needs no key, so you can inspect what the server offers before you connect:
# Inspect the server's capabilities and advertised tools
curl https://mcp.competlab.com/.well-known/mcp/server-card.jsonWhat it doesn’t do
A few honest limits, so you know what you’re wiring in:
- It’s read-first, not read-only. 30 of the 33 tools only read your data. The three exceptions are the free-tool scanners (tech stack, trust signals, agent adoption), which start a live scan of a URL you give them and return a scan ID you poll. Nothing the server exposes writes to or changes your CompetLab projects, alerts, or settings.
- Tools only. No MCP resources, no prompts — just the 33 tools.
- It sees only what your key sees. The server has no data of its own; it can reach exactly what your API key can reach over the REST API.
- No OAuth yet. Authentication is by API key (header or URL). That’s why header-less clients like Claude on the web pass the key in the URL.
Next steps
- Connect to the server → — ready-to-paste config for every supported client, plus the Claude-on-the-web path.
- Browse the 33 tools → — each tool with its parameters and a worked example.
FAQ
What is the CompetLab MCP Server?
It's a hosted Model Context Protocol server that lets an AI agent read your CompetLab competitive intelligence directly. You point an MCP client at https://mcp.competlab.com/mcp, authenticate with a CompetLab API key, and the agent gets 33 tools — your monitored dimensions, competitors, alerts, and the Strategic Briefing, plus CompetLab's free scan tools. It's the same data that powers the dashboards and the REST API, reached the way agents prefer: as callable tools, in the middle of a conversation, with no glue code to write.
Which clients can connect to it?
Any MCP client that speaks Streamable HTTP. That includes Claude Code, Claude Desktop, Claude on the web, Cursor, VS Code (Copilot), Windsurf, and Cline. The connection is the same everywhere — the server URL plus your API key — only the config file format differs from one client to the next. The Connect guide has a ready-to-paste configuration for each one, so setup is copy, paste, and add your key.
How do I authenticate?
With a CompetLab API key. Every key starts with cl_live_ and is 40 characters long. You send it one of two ways: as a CL-API-Key header, or as an ?api_key= parameter on the server URL. Most clients use the header; the URL parameter exists for clients that can't send custom headers, of which Claude on the web is the main one. If you send both, the header wins. You create and manage keys — up to five active per organization — in your CompetLab organization settings.
Can I use it with Claude on the web?
Yes. Claude on the web connects to remote MCP servers by URL and doesn't send custom headers, so you pass your key in the URL: https://mcp.competlab.com/mcp?api_key=cl_live_your_key. That's the whole setup. Because the key sits in the URL, treat that URL like a secret — don't paste it into shared chats or commit it anywhere. If your client does support headers, like Cursor or VS Code, use the header form instead and keep the key out of the URL.
Is the server read-only?
Almost. 30 of the 33 tools only read your data — projects, competitors, the five monitored dimensions, alerts, schedules, and the Strategic Briefing. The three exceptions are the free-tool scanners for tech stack, trust signals, and agent adoption, which start a live scan of a URL you give them and hand back a scan ID you poll for the result. Nothing the server exposes writes to or changes your CompetLab account, projects, or settings — there are no configuration or mutation tools.
What data can the agent reach through it?
Whatever your API key can reach over the REST API: your projects and their competitors, the five monitored dimensions (AI Visibility, Positioning, Pricing, Content, and Tech & Trust), your alerts and schedules, and your Strategic Briefing. On top of your own data, the free-tool scans run against any public URL — a sitemap check, an AI-crawler check, a URL fetch, and the tech-stack, trust-signals, and agent-adoption scanners. The server can't see anything your key can't.
Do I need to install or run anything?
No. The server is hosted — you add the URL and a key, and you're connected. There's nothing to install and no package to keep updated. An open-source local version exists if you'd rather run the server yourself over stdio, for offline or air-gapped work, but for almost everyone the hosted URL is the shorter, better path. The Connect guide covers both routes.
How is this different from the REST API?
Same data, different consumer. The MCP server is for AI agents — it advertises its tools so an assistant can discover and call them mid-conversation, with no integration code. The REST API is for your own backend: server-to-server automation, scheduled jobs, dashboards you build. Under the hood the MCP server is a thin layer in front of that REST API, so anything you can do here you can also do there. Pick the surface that matches who's calling.
Does the server store my data or my API key?
No. It's stateless: no database of your data and no session — each request stands on its own. It doesn't store your key either; it forwards the key you send straight to the CompetLab REST API, which does the real authentication, and drops it when the request ends. Like any production service it keeps operational logs — errors and basic access metadata such as the request path and client IP — but never your API key, your request contents, or the competitive-intelligence data a tool returns. There's no login step: the key travels with every call, so the connection is only ever as authorized as the key you present.
Are there rate limits?
The free-tool scans are rate-limited per API key — most at 1,000 requests per minute, with the URL-fetch tool held tighter at 60 per minute. Exceed a limit and the tool returns a clear rate-limit error rather than failing silently. Your plan governs overall access. If you're building something high-volume, the same limits and guidance that apply to the REST API apply here, since the MCP server calls it underneath — see the API reference for the current details.