// MCP TOOL REFERENCE

DEVBOX TOOLS

38 tools from the Devbox MCP Server, categorised by risk level.

View the Devbox policy → Token cost: 7,143 tokens →
// ALL 38 DEVBOX TOOLS
READ 7 tools
Read devbox_approvals Approvals. action: list | decide | approve_all. When suggested_action is DECIDE_APPROVAL, call decide with ... Read devbox_audit List audit events. action: list. Optionally scope by run_id, limit. Read devbox_ci_checks CI/PR checks. action: run_pr_checks | github_pr_checks | run_pr_check_logs | github_check_logs. Use run_* w... Read devbox_context_search Search context artifacts by keyword, semantic similarity, or hybrid mode. Returns ranked results with relev... Read devbox_poll_all Poll all active runs across all projects in one call. Returns status of every run that is queued, planning,... Read devbox_status Get overall project health in one call: last run per project, active runs, pending approvals, project_state... Read devbox_tool_catalog Machine-readable catalog of MCP tools, actions, and conventions. Use for onboarding, query planning, and se...
WRITE 6 tools
Write devbox_context_annotate Add an annotation (comment, tag, or link) to a context artifact. Annotations are lightweight metadata addit... Write devbox_context_register Register a new context artifact with metadata, trust tier, and sensitivity classification. Triggers DLP sca... Write devbox_context_resolve_contradiction Resolve a detected contradiction between two context artifacts. Accepts a resolution strategy (keep_a, keep... Write devbox_planner Planner. action: generate | analyze | rank_files | health | intent_review | plan_review. generate: codebase... Write devbox_plans_sync Sync plan files from ~/.cursor/plans/ and ~/.claude/plans/ to project .cursor/plans/. Makes plans visible t... Write devbox_setup Setup and integrations. action: setup_status | auth_add | auth_list | stripe_products | stripe_prices | str...
DESTRUCTIVE 2 tools
Destructive devbox_projects Project CRUD. action: list | get | create | update | delete | provision_repo. Use list to discover project_... Destructive devbox_runs_cancel_all Cancel all non-terminal runs for a project. Use when cleaning up stuck or unwanted runs.
EXECUTE 23 tools
Execute devbox_admin Admin operations. action: invite_alpha | list_alpha_users | transition_alpha | stripe_platform_setup | stri... Execute devbox_agent_handoff Agent handoff: send summary + context to DevBox, get next action (continue, create_run, done, wait). Use wh... Execute devbox_billing Billing and subscription management. action: subscription_status | usage | checkout | portal | entitlements... Execute devbox_context_bundle Resolve a canonical bundle into provenance-heavy derived context. Returns ordered semantic sections, inline... Execute devbox_context_compile Compile a context bundle from a set of artifacts, applying layering (base, project, session, ephemeral), de... Execute devbox_context_explain Explain why a context bundle was compiled the way it was. Returns a human-readable explanation of layering ... Execute devbox_deploy Deploy and rollback. action: deploy | rollback. deploy requires step_id, image_uri, digest, service_name, e... Execute devbox_health_map Project Health Map. action: get | analyze | feature | summary | prompt | outcome | delta | infer_goals. get... Execute devbox_help Get DevBox tool documentation for a topic. Topics: turn_start, workflow, deploy, runs, projects, approvals,... Execute devbox_memory Project memory for agents. action: search | store | bootstrap | bootstrap_status. search: semantic retrieva... Execute devbox_ops Ops and diagnostics. action: runner_health | worker_stats | ecs_status | logs_control_plane_tail | trace_by... Execute devbox_project_plans Project plans for multi-stage work. action: create_plan | get_plan | update_plan_stage | list_plans. Coordi... Execute devbox_project_state Project state and pipeline. action: state | pipeline_status. state returns run_branches, open_prs, orphans,... Execute devbox_quality_graph Quality Graph queries — the unified verification chain from outcome to evidence. action: chain (full chain ... Execute devbox_run_code_result Submit code result or instruction feedback. action: code_result_submit | instruction_feedback. code_result_... Execute devbox_run_guidance Get full run guidance in one call: run status, next instruction, pending approvals, and suggested_action (A... Execute devbox_run_lifecycle Run lifecycle control. action: cancel | close_with_note | report | diff | advance | next_instruction | even... Execute devbox_run_link_pr Link an existing PR to a run. Use when PR was opened from a different branch than the run's repo_ref. Syncs... Execute devbox_run_logs Run step logs. action: step_log_get | logs_tail | step_fail_orphan. step_fail_orphan marks stuck step as or... Execute devbox_run_step Step control. action: retry | complete | rewind. retry: reset failed step to queued so worker re-executes. ... Execute devbox_run_validations DP-05: Run validations. action: review_code | review_architecture | uat_simulate | validate_logs | run_chec... Execute devbox_runs Run discovery and creation. action: list | create | get | plan | steps. list discovers runs with awaiting_d... Execute devbox_surfaces Surface verification. action: surfaces_dashboard | surfaces_crawl | surfaces_verify | surfaces_fix | get_ne...
// RUNNING THIS SERVER

The managed route: connect Devbox through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y devbox-mcp-server
// FAQ
How many tools does the Devbox MCP server have? +

The Devbox MCP server exposes 38 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on Devbox tools? +

Route the Devbox server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do Devbox tools fall into? +

Devbox tools are categorised as Read (7), Write (6), Destructive (2), Execute (23). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.