Tools reference
The hosted MCP server exposes tools that operate through normal LFG List permissions. A tool can only see and change data available to the user behind the Personal Access Token.
Connection and project tools
Section titled “Connection and project tools”| Tool | What it does |
|---|---|
get_config_status |
Shows non-secret MCP configuration status. |
list_projects |
Lists projects visible to the token owner. |
get_project |
Gets one project by id, name, or configured default project. |
Item tools
Section titled “Item tools”| Tool | What it does |
|---|---|
list_items |
Lists items in a project, optionally filtered by search, active/complete status kind, trash state, and limit. |
create_item |
Creates a new item in a project. |
update_item_status |
Moves an item to another status by status id. |
add_item_comment |
Adds a comment to an item. |
Label tools
Section titled “Label tools”| Tool | What it does |
|---|---|
create_project_label |
Creates a project label. |
update_project_label |
Updates a project label name or color. |
delete_project_label |
Deletes a project label and lets the backend remove item references. |
set_item_labels |
Replaces an item’s labels with the supplied label ids. |
add_item_label |
Adds one project label to an item. |
remove_item_label |
Removes one project label from an item. |
Current limitations
Section titled “Current limitations”The first hosted MCP release intentionally keeps the surface area small.
Currently, the MCP server does not expose tools to:
- Delete projects or items.
- Empty trash.
- Update item title or description.
- Manage users, billing, or system administration.
If an agent needs one of those actions, it should tell you the action is not available through MCP yet instead of guessing.
Permission model
Section titled “Permission model”The MCP server authenticates each request with your Personal Access Token and then calls the LFG List API as you.
That means:
- Project membership controls what the agent can see.
- Normal backend validation still applies.
- Revoking the token immediately removes the agent’s access.