[ MCP server ]

The AI spreadsheet
your agents can drive.

Cube speaks MCP, the open standard that lets AI assistants use other apps. Connect Claude Code, Codex, or Cursor and your agent creates tables, imports CSVs, edits rows, and runs enrichments while you chat with it.

19 tools Scoped access tokens Works with any MCP client
Just talk to it

You ask. Cube's tools do the clicking.

Once connected, your assistant sees Cube's tools and picks the right ones for the job. These are real prompts and the real tools they trigger.

"Create a table called Leads and import the CSV I paste next."

manage_tableimport_csv

"Add an AI column that classifies each company by industry."

add_columnrun_ai_column

"Which rows failed enrichment? Re-run just those."

get_run_statuscontrol_run
Setup

Connect in under a minute. Two things needed.

You need the endpoint and an access token. Both live in your Cube settings. The commands below are ready to copy; swap in your token.

01 · Token

Create an access token.

In Cube, open Settings · Agent access and create a token. Pick only the scopes you want the agent to have: read, write, run. The token is shown once. Treat it like a password.

# The Cube MCP endpoint
https://app.cube.tools/mcp

# Your token looks like
cube_pat_9f2c…   (shown once, revoke any time)
02 · Client

Add Cube to your assistant.

Claude Code: one command in a terminal. Codex: reads the token from an environment variable. Cursor: a small config file. Any other MCP client works too: point it at the endpoint over HTTP with an Authorization header.

# Claude Code
claude mcp add --transport http cube https://app.cube.tools/mcp --header "Authorization: Bearer YOUR_TOKEN"

# Codex
export CUBE_TOKEN="YOUR_TOKEN"
codex mcp add cube --url https://app.cube.tools/mcp --bearer-token-env-var CUBE_TOKEN

# Cursor · .cursor/mcp.json
{
  "mcpServers": {
    "cube": {
      "url": "https://app.cube.tools/mcp",
      "headers": { "Authorization": "Bearer YOUR_TOKEN" }
    }
  }
}
03 · Ask

Ask for what you want.

That's the whole setup. Your assistant now sees Cube's tools and uses them when you ask. Open the sheet in a browser tab and watch the rows change live as the agent works.

# You
"Import this CSV, then add an AI column
 that scores each lead against our ICP."

# Your agent
→ import_csv · add_column · run_ai_column
→ 1,847 rows scored. 214 look like a fit.
The toolbox

19 tools. The whole spreadsheet.

Everything you can do in the app, an agent can do over MCP. Each tool respects the scopes on your token.

Read

list_tablesget_sheetread_rows

Browse tables, sheet structure, and data. Reads page through big sheets without flooding the agent's context.

Rows

append_rowsupdate_cellsdelete_rows

Add, edit, and remove rows. Changes appear live in any open browser tab, like any other edit.

Columns

add_columnrename_columndelete_columnsort_sheet

Shape the sheet: create, rename, and delete columns, or sort the whole sheet by any column.

Tables & import

manage_tablemanage_sheetimport_csv

Provision from scratch: new tables, new sheets, CSV import. An agent can build a workspace without you touching the app.

Enrichment runs

run_ai_columnrun_http_enrichmentget_run_statuscontrol_run

Start AI and HTTP API runs, check progress, pause, resume, cancel, or re-run. Runs on all rows or just the ones you name.

Models

list_modelsset_default_model

Search the model catalog and set your account or per-sheet default, so runs use the model you actually want.

Access control

Scoped by design. Revocable in one click.

Tokens, not passwords.

Agents authenticate with access tokens you mint, never your login. A token can't create or revoke other tokens, and browser sessions can't call MCP. Two separate doors.

Only the scopes you grant.

read, write, and run are separate scopes. A read-only token can't touch a cell. A token without run can't start an enrichment. Give each agent the minimum it needs.

Your keys stay put.

No tool returns your stored API keys. Runs that use your saved provider keys require an extra, explicit secrets scope. An agent without it can never spend them.

Kill it any time.

Delete a token in settings and it's dead immediately. Every token shows when it was last used, so you can spot and drop anything you no longer recognize.

FAQ

Questions, answered.

What is MCP?

MCP (Model Context Protocol) is an open standard that lets AI assistants securely use other apps. An MCP server describes what it can do as tools; your assistant calls those tools on your behalf. Cube's MCP server is built in. There is nothing to install or host.

Which AI tools can connect?

Claude Code, Codex, and Cursor have one-step setup above. Beyond those, any MCP client that speaks HTTP works: point it at https://app.cube.tools/mcp and send your token in an Authorization header.

What can an agent actually do?

Everything the 19 tools cover: create tables and sheets, import CSVs, read and edit rows, manage columns, sort, start and control AI and HTTP enrichment runs, and pick models. Each tool checks your token's scopes first.

What if a token leaks?

Delete it in Settings · Agent access and it stops working immediately. Tokens carry only the scopes you chose, can't mint new tokens, and can't read your stored API keys, so the blast radius stays small. Runs that spend your saved keys need an extra secrets scope you have to grant on purpose.

Does MCP access cost anything?

No. It's part of the free plan. AI and API usage started by an agent is billed by your providers through your own keys, exactly like runs you start in the app. Cube adds no markup.

Your agent is ready. Give it a spreadsheet.

Sign up free, mint a token, and run your first enrichment from a chat.

Start free