// MCP TOOL REFERENCE

CAIRN TOOLS

6 tools from the Cairn MCP Server, categorised by risk level.

View the Cairn policy →

READ TOOLS

2
cairn_domain Read a specific .cairn/domains/<name>.md file — Layer 2 domain design context. Contains: current design, trajectory, rejected paths (with re-evalua... cairn_query Search .cairn/history/ entries — Layer 3 raw decision events. Returns full history entries sorted chronologically by decision_date. Use this to loo...

WRITE TOOLS

1
cairn_write_history Write a new history entry directly to .cairn/history/ — no staging, no gate. Use this after completing a task that produced a recordable event: sig...

EXECUTE TOOLS

3
cairn_doctor Run 'cairn doctor --json' and return structured health check results. Use at session start or after writing history/domain files to verify .cairn/ ... cairn_match Match keywords from the user's request against domain file hooks — precise machine-level intent detection without AI inference. Call this with keyw... cairn_output Read .cairn/output.md — the Layer 1 global constraint file. Contains: stage (project phase), no-go (banned directions), hooks (domain keywords), st...
// FAQ
How many tools does the Cairn MCP server have? +

The Cairn MCP server exposes 6 tools across 3 categories: Read, Write, Execute.

How do I enforce policies on Cairn tools? +

Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Cairn server.

What risk categories do Cairn tools fall into? +

Cairn tools are categorised as Read (2), Write (1), Execute (3). Each category has a recommended default policy.

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.