MCP Tools & Scopes
The MCP server exposes one tool per Tissue operation, named <area>_<verb>. Tools are filtered at runtime by your token's scopes — a read-only token never sees write or delete tools at all; they don't appear in the tool list. Every tool carries MCP annotations (readOnlyHint/destructiveHint/idempotentHint) so hosts can prompt for confirmation on destructive actions, and returns machine-readable structuredContent alongside human-readable text.
Available tools
| Tool | Scope | What it does |
|---|---|---|
whoami |
(none) | Show account, user, and effective token scopes |
search_tissue_docs |
(none) | Keyword-search these docs (returns relevant sections) |
cell_list |
cells:read |
List all deployed Cells |
cell_get |
cells:read |
Get metadata and bindings for a Cell |
cell_logs |
cells:read |
Recent console.log output from a Cell |
cell_errors |
cells:read |
Recent uncaught errors from a Cell |
cell_deploy |
cells:write |
Deploy a JS Cell from source code |
cell_invoke |
cells:read |
Make an HTTP request to a Cell and return the response |
cell_delete |
cells:delete |
Delete a Cell |
pulse_list |
cells:read |
List a Cell's pulse (cron) schedules |
pulse_trigger |
cells:write |
Fire a Cell's pulse handler now ("run now") |
c3_database_list |
databases:read |
List all c3 SQL databases |
c3_database_create |
databases:write |
Create a new c3 database |
c3_database_drop |
databases:delete |
Delete a database |
c3_query |
databases:read |
Run a read-only query and get rows back |
c3_execute |
databases:write |
Run INSERT / UPDATE / DELETE / DDL |
c3_batch |
databases:write |
Run multiple statements atomically |
g7_bucket_list |
buckets:read |
List all g7 buckets |
g7_bucket_create |
buckets:write |
Create a new bucket |
g7_bucket_delete |
buckets:delete |
Delete a bucket |
g7_object_list |
buckets:read |
List objects in a bucket |
g7_object_get |
buckets:read |
Download a small object (text or base64) |
g7_object_put |
buckets:write |
Upload a small object (text or base64) |
g7_object_delete |
buckets:delete |
Delete an object |
g7_presign_upload |
buckets:write |
Get a short-lived presigned PUT URL (binary/bulk upload) |
g7_presign_download |
buckets:read |
Get a short-lived presigned GET URL (binary/large download) |
vault_key_list |
vault:read |
List secret key names for a Cell |
vault_set |
vault:write |
Set an encrypted secret for a Cell |
vault_delete |
vault:write |
Delete a secret |
token_list |
account:read |
List the account's API tokens |
token_create |
account:write |
Create a new scoped API token |
token_revoke |
account:write |
Revoke an API token |
c3_query is read-only and works with a databases:read token — the query runs under an engine-enforced read-only connection, so any write is rejected; use c3_execute (databases:write) to modify data.
g7_object_get/g7_object_put are size-limited (256 KB) to keep bytes out of the model's context; small binary is supported via base64 (encoding: "base64"). For large or many files, use g7_presign_upload / g7_presign_download — they return a short-lived URL you upload/download bytes to directly (e.g. curl -T file "<url>"), so the data never passes through the model. Object keys may not contain @.
Scope reference
| Scope | Grants |
|---|---|
cells:read |
List cells, view metadata, logs, errors |
cells:write |
Deploy (create or update) cells |
cells:delete |
Delete cells |
databases:read |
List databases, run read-only queries |
databases:write |
Create databases, run INSERT/UPDATE/DELETE/DDL |
databases:delete |
Drop databases |
buckets:read |
List buckets and objects, download objects |
buckets:write |
Create buckets, upload objects |
buckets:delete |
Delete objects and buckets |
vault:read |
List vault key names (never values) |
vault:write |
Set and delete vault secrets |
A browser-login session has all scopes implicitly. API tokens carry an explicit allow-list — scope them to the minimum an agent needs.
Common presets
# Full access
ribo token create "Claude" \
--scope cells:read --scope cells:write --scope cells:delete \
--scope databases:read --scope databases:write --scope databases:delete \
--scope buckets:read --scope buckets:write --scope buckets:delete \
--scope vault:read --scope vault:write
# Read-only across everything
ribo token create "Read-only" \
--scope cells:read --scope databases:read --scope buckets:read --scope vault:read
# Deploy only (CI pipeline)
ribo token create "CI" --scope cells:read --scope cells:write
Things to ask Claude
Once connected, try:
Show me all my deployed Cells and their URLs.
Create a c3 database called "todos" with a tasks table (id, title, done, created_at).
Deploy a Cell called "hello" that returns "Hello, world!" for any request.
Show me the last 20 errors from my "payment-processor" Cell.
Security notes
- API tokens are shown once at creation and can't be retrieved again — store them in a password manager.
- Scope tokens to the minimum required. A data-analysis agent needs
databases:read, notcells:delete. - The MCP server holds no credentials of its own. Revoking a token (
ribo token revoke <id>or the dashboard) immediately cuts off all access.
See also
- MCP Server — connecting Claude and other clients
- REST API — the
/v1endpoints these tools call