Build an AI ops agent: SSL, DNS, and uptime via MCP

Your production site goes down at 2 AM. Nobody notices until a customer tweets about it. The SSL cert expired three days ago. The DNS migration you ran last week silently dropped an MX record. The accessibility regression from the last deploy broke screen reader navigation.

These failures share a root cause: ops checks happen on a schedule or not at all. You can change that. Connect the Botoi MCP server to Claude Code or Cursor, and your AI assistant becomes an ops agent. Ask it to check SSL expiry, diff DNS records, verify uptime, or audit accessibility. It calls the tools and returns structured results in seconds.

Connect the MCP server (30 seconds)

The Botoi MCP server exposes 49 developer tools through a single endpoint. Four of them handle infrastructure monitoring: lookup_ssl_cert_expiry, lookup_dns_monitor, lookup_accessibility, and the /v1/uptime/check REST endpoint.

Claude Code

Run this in your terminal:

claude mcp add botoi --transport streamable-http https://api.botoi.com/mcp

Done. Claude Code discovers the tools on your next conversation.

Claude Desktop or Cursor

Add this to your config file (claude_desktop_config.json for Claude Desktop, .cursor/mcp.json for Cursor):

{
  "mcpServers": {
    "botoi": {
      "type": "streamable-http",
      "url": "https://api.botoi.com/mcp"
    }
  }
}

Restart the app. The 49 tools appear in the tool picker.

Tool 1: Check SSL certificate expiry

The lookup_ssl_cert_expiry MCP tool queries crt.sh for the latest certificate issued to a domain. It returns the issuer, validity dates, days remaining, and boolean flags for expired and expiring_soon (30 days or fewer).

Ask Claude: "Check if stripe.com's SSL certificate expires within 30 days."

You: "Check if stripe.com's SSL certificate expires within 30 days"

Tool call: lookup_ssl_cert_expiry
Input: { "domain": "stripe.com" }

Result:
{
  "success": true,
  "data": {
    "domain": "stripe.com",
    "issuer": "Let's Encrypt",
    "subject": "stripe.com",
    "valid_from": "2026-02-18T00:00:00.000Z",
    "valid_to": "2026-05-19T00:00:00.000Z",
    "days_remaining": 44,
    "expired": false,
    "expiring_soon": false
  }
}

Claude reads the days_remaining field (44) and the expiring_soon flag (false), then tells you the cert is valid for another 44 days. No openssl s_client commands. No browser certificate inspector.

Tool 2: Monitor DNS record changes

The lookup_dns_monitor MCP tool queries A, AAAA, MX, TXT, NS, and CNAME records for a domain. It stores a snapshot in KV after each check (retained for 7 days) and compares the current results against the previous snapshot. Changed records get a changed: true flag.

Ask Claude: "Check DNS records for acme.com and flag any changes since last check."

You: "Check DNS records for acme.com and flag any changes since last check"

Tool call: lookup_dns_monitor
Input: { "domain": "acme.com" }

Result:
{
  "success": true,
  "data": {
    "domain": "acme.com",
    "checked_at": "2026-04-05T14:22:01.000Z",
    "previous_check": "2026-04-04T09:15:33.000Z",
    "changes_detected": true,
    "records": {
      "A": {
        "current": ["104.21.32.1", "172.67.180.1"],
        "previous": ["93.184.216.34"],
        "changed": true
      },
      "MX": {
        "current": ["10 mail.acme.com."],
        "previous": ["10 mail.acme.com."],
        "changed": false
      },
      "TXT": {
        "current": ["v=spf1 include:_spf.google.com ~all"],
        "previous": ["v=spf1 include:_spf.google.com ~all"],
        "changed": false
      }
    }
  }
}

Claude spots that the A records changed from a single IP to two new IPs, while MX and TXT records stayed the same. If you migrated to Cloudflare yesterday, those new A records confirm the propagation worked. If you didn't, something is wrong.

Run the same prompt daily or after DNS migrations. Each check creates a new baseline for the next comparison.

Tool 3: Verify endpoint uptime

The uptime check lives at /v1/uptime/check as a REST endpoint. It sends a HEAD request to any URL, measures the response time, and stores up to 10 historical checks in KV.

curl -X POST https://api.botoi.com/v1/uptime/check \
  -H "Content-Type: application/json" \
  -d '{"url": "https://api.acme.com/health"}'

The response includes the current status, response time, and history:

{
  "success": true,
  "data": {
    "url": "https://api.acme.com/health",
    "status": 200,
    "response_time_ms": 142,
    "is_up": true,
    "checked_at": "2026-04-05T14:30:00.000Z",
    "history": [
      { "status": 200, "response_time_ms": 138, "checked_at": "2026-04-05T08:00:00.000Z" },
      { "status": 200, "response_time_ms": 155, "checked_at": "2026-04-04T20:00:00.000Z" },
      { "status": 503, "response_time_ms": 5012, "checked_at": "2026-04-04T12:00:00.000Z" }
    ]
  }
}

The history array shows a 503 error from yesterday at noon. Response time spiked to 5,012ms before the service returned a server error. Claude reads this history and flags the incident without you scanning a dashboard.

You can also ask Claude directly: "Check if https://api.acme.com/health is up and show the response time history." Claude calls the endpoint and summarizes the results.

Tool 4: Audit page accessibility

The lookup_accessibility MCP tool fetches a webpage and runs 10 checks: image alt text, lang attribute, page title, empty links, empty buttons, heading order, viewport meta tag, form labels, skip navigation link, and duplicate IDs. It returns a score (0-100), an issues list, and a summary.

You: "Run an accessibility audit on https://acme.com"

Tool call: lookup_accessibility
Input: { "url": "https://acme.com" }

Result:
{
  "success": true,
  "data": {
    "url": "https://acme.com",
    "score": 70,
    "issues": [
      { "rule": "img-alt", "severity": "error", "count": 3, "description": "Images missing alt text" },
      { "rule": "heading-order", "severity": "warning", "count": 1, "description": "Heading levels skip one or more levels" },
      { "rule": "skip-nav", "severity": "warning", "count": 1, "description": "Missing skip navigation link" }
    ],
    "summary": {
      "errors": 1,
      "warnings": 2,
      "passes": 7,
      "total_checks": 10
    }
  }
}

Claude reports a score of 70/100 with three images missing alt text, a heading level skip, and no skip navigation link. It can suggest specific fixes for each issue, because the response includes rule names and descriptions.

Chain all four in one prompt

The real value of an AI ops agent shows when you combine checks. Try this:

You: "Full ops check on acme.com: SSL expiry, DNS changes,
uptime for https://acme.com/health, and accessibility audit"

Claude calls all four tools in sequence and builds a single report:

• SSL cert for acme.com: 44 days remaining, not expiring soon
• DNS records: A records changed since yesterday (migration confirmed)
• Uptime: 200 OK, 142ms response time, one 503 incident yesterday at noon
• Accessibility: 70/100, three images missing alt text, heading order warning

Four tools, one prompt, one summary. No browser tabs. No terminal windows. No dashboards.

Add an API key for production monitoring

Anonymous access allows 5 requests per minute and 100 per day. That handles ad-hoc checks during development. For scheduled or frequent monitoring, add an API key:

{
  "mcpServers": {
    "botoi": {
      "type": "streamable-http",
      "url": "https://api.botoi.com/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}

Get a free API key at botoi.com/api for 1,000 requests per day. Paid plans start at $9/month for 10,000 requests per day.

What you can build from here

These four tools cover the foundation of infrastructure monitoring. A few ways to extend the workflow:

• Ask Claude to check SSL certs for all your domains in one prompt. It calls lookup_ssl_cert_expiry for each domain and flags any that expire within 30 days.
• Run DNS monitoring after every Terraform apply. Compare the expected records against what the tool reports.
• Combine the uptime endpoint with a cron job. Store results in a database and ask Claude to analyze trends: "Show me all endpoints with p95 response times above 500ms this week."
• Run accessibility checks before every release. Block deploys if the score drops below a threshold.

The Botoi MCP server gives your AI assistant 49 tools total. Explore the full MCP setup docs for the complete tool list, or browse the API docs for all 150+ REST endpoints.