Change default HOST from 0.0.0.0 to 127.0.0.1 #288

@yamadashy

The default HOST is set to 0.0.0.0, which binds the server to all network interfaces.

https://github.com/zereight/gitlab-mcp/blob/main/index.ts#L361

Risk

In SSE or HTTP mode, anyone on the same network can access the MCP server and use your GITLAB_TOKEN permissions.

This makes it difficult to use in corporate environments, as it allows unauthorized access from colleagues or other devices on the internal network.

Proposed Fix

Change default to 127.0.0.1 (localhost only).
Users who need external access can still set HOST=0.0.0.0 explicitly.

I'm happy to submit a PR for this fix.
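
The following sketch is an added example, not part of the original issue and not gitlab-mcp's code. It shows the proposed behaviour as a startup check: an unset `HOST` falls back to `127.0.0.1`, an explicit value is honoured, and a non-loopback bind produces a warning for the log. Only `HOST` and `GITLAB_TOKEN` come from the issue; the function names and result shape are hypothetical.

```typescript
// Added example, not gitlab-mcp code. HOST is the variable named in the issue;
// the function names and the BindDecision shape are hypothetical.
type Env = Record<string, string | undefined>;

interface BindDecision {
  host: string;          // address to hand to server.listen()
  explicit: boolean;     // true when the operator set HOST themselves
  loopbackOnly: boolean; // true when only local processes can connect
  warning?: string;      // startup log line for an exposed bind
}

const DEFAULT_HOST = "127.0.0.1"; // default proposed in the issue

// True only for addresses reachable from the same machine. Anything not
// recognised (other hostnames, long-form IPv6) counts as exposed, so the
// check errs towards warning.
function isLoopback(host: string): boolean {
  const h = host.trim().toLowerCase().replace(/^\[|\]$/g, "");
  if (h === "localhost" || h === "::1") return true;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(h);
  if (!m) return false;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) && octets[0] === 127; // 127.0.0.0/8
}

function resolveBindHost(env: Env): BindDecision {
  const raw = (env.HOST ?? "").trim();
  const explicit = raw !== "";            // empty or whitespace counts as unset
  const host = explicit ? raw : DEFAULT_HOST;
  const loopbackOnly = isLoopback(host);
  const decision: BindDecision = { host, explicit, loopbackOnly };
  if (!loopbackOnly) {
    decision.warning =
      `HOST=${host} accepts connections from other machines; ` +
      "clients that can reach this port act with the server's GITLAB_TOKEN";
  }
  return decision;
}

// Constructed environments: unset, explicit opt-in, explicit loopback.
for (const env of [{}, { HOST: "0.0.0.0" }, { HOST: "localhost" }] as Env[]) {
  console.log(resolveBindHost(env));
}
```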
