Tissue now has an MCP server. Point Claude — or Cursor, Windsurf, or any Model Context Protocol client — at one URL and manage your whole account in plain language: deploy Cells, query c3, read and write g7 objects, schedule pulses, and handle secrets, without leaving the chat.
The endpoint is https://tissue.systems/mcp. Everything an agent can see and do
is bounded by the token you give it — least privilege, by construction.
For Claude Code, that's the whole setup:
claude mcp add --transport http tissue https://tissue.systems/mcp
On first use it opens your browser, you sign in to Tissue once, and the tools light up — no
token to copy, no config file to hand-edit. Under the hood it's a standard OAuth flow with
automatic client registration; the same browser-login works in Claude Desktop, Claude.ai,
and Cursor. For CI and headless agents, create a scoped tok_… token instead and
pass it as a bearer header. Full setup for every client is in
the docs.
The server exposes one tool per operation, named <area>_<verb>, and
filters them by your token's scopes — a read-only token simply never sees the
write or delete tools.
| Area | Tools |
|---|---|
| Cells | cell_list, cell_get, cell_deploy, cell_invoke, cell_logs, cell_errors, cell_delete |
| c3 — SQL | c3_query (read-only), c3_execute, c3_batch, c3_database_list/create/drop |
| g7 — storage | g7_bucket_*, g7_object_*, g7_presign_upload, g7_presign_download |
| pulse — cron | pulse_list, pulse_trigger |
| vault — secrets | vault_key_list, vault_set, vault_delete |
| account | whoami, token_list/create/revoke, search_tissue_docs |
Once connected, ask in plain language:
Deploy a Cell called "hello" that returns "Hello, world!" for any request.
Create a c3 database "todos" with a tasks table (id, title, done, created_at),
then show me everything in it.
Show me the last 20 errors from my "payment-processor" Cell.
List my buckets and tell me the total size of the "uploads" bucket.Claude calls the right tools, chains them, and reports back — deploying, querying, and inspecting as it goes.
Object bytes don't belong in a model's context. For anything beyond small text, the server mints a short-lived presigned URL and the bytes move out-of-band — straight to storage, never through Claude:
You: upload ./logo.png to my "assets" bucket.
Claude → g7_presign_upload → returns a one-time PUT URL
→ curl -T logo.png "<url>" (bytes go directly to g7)Because Tissue is the storage layer, the presigned URL is signed and verified by g7 itself — time-boxed, scoped to a single object and method, and tied to your bucket's credentials. The agent gets a capability, not your keys.
Small choices add up to a server that's safe and legible for an LLM to drive:
| Feature | Why it matters |
|---|---|
| Scoped tokens | Grant an agent databases:read and nothing else — enforced at the token, and read queries run on a read-only connection so writes are rejected by the engine. |
| Tool annotations | Every tool is tagged read-only / destructive / idempotent, so your client can ask before it deletes. |
| Structured output | Results come back as machine-readable JSON, not just text — the agent doesn't have to re-parse prose. |
| Docs search | search_tissue_docs lets the agent look up exact syntax instead of guessing. |
| Current protocol | Negotiates up to MCP 2025-11-25 and works with today's clients out of the box. |
Add the server, sign in, and ask Claude to deploy something:
claude mcp add --transport http tissue https://tissue.systems/mcpThe full guide — browser login and token setup for Claude Code, Claude Desktop, Claude.ai, and Cursor, plus the complete tool and scope reference — lives at docs.tissue.systems/docs/mcp.