// MCP TOOL REFERENCE

AINOTE TOOLS

32 tools from the Ainote MCP Server, categorised by risk level.

View the Ainote policy → Token cost: 6,438 tokens →
// ALL 32 AINOTE TOOLS
READ 18 tools
Read get_dev_doc Get a single dev document by title or id. Returns full content. Read get_setup_guide Get instructions for setting up AI Note MCP in Claude Desktop, Cursor, or other MCP clients. No authenticat... Read handoff_list List session handoff notes saved in the primary vault under handoffs/, most-recent first. v2 frontmatter fi... Read list_categories List all task categories for the authenticated user. Returns id/name/color/icon/task_count tuples. Read-onl... Read list_dev_categories List all subcategories under dev/ (memory, claude, cursor, env, docs, mcp, custom...) with document counts.... Read list_dev_docs List dev documents under the dev/ category hierarchy. Filter by subcategory (claude, cursor, windsurf, copi... Read list_papers List notes/papers from AI Note. Supports keyword search across title and content, category filtering, pagin... Read list_tasks List all tasks from AI Note with advanced filtering, date ranges, location search, and sorting Read pull_dev_docs Restore all synced files to this device. Fetches every dev doc that has a local_path set and writes the con... Read signup_and_get_key Create a new AI Note account and get an MCP API key. No authentication required. Use this if you don't have... Read sync_audit_layer5 Record the result of a client-side Layer 5 codex review (sync.py merge gate) as a vault_events row. Body of... Read sync_diff Return the unified diff (and raw remote text) of a vault file. Useful for surfacing what `sync_merge` would... Read sync_list Legacy alias for listing files in the primary vault. Read sync_pending_conflicts List unresolved vault_conflicts rows for the authenticated user's primary vault. Used by clients (e.g. Sess... Read sync_pull Legacy alias for pulling files from the primary vault. Read vault_clone Return the GitHub HTTPS clone URL for an existing vault. Authentication is via the user's normal GitHub cre... Read vault_list List the authenticated user's GitHub-backed vaults. Each entry includes slug, github_repo_full_name, sync s... Read vault_sync Wrapper around vault file sync. action=list|pull|push to work against the primary vault. For push: WAF-bypa...
WRITE 10 tools
Write create_dev_doc Save a document to AI Note cloud for multi-device sync and persistent storage. PRIMARY USE CASES: - Memory... Write create_task Create a new task in AI Note. Supports full task creation with dates, times, location, notes, and notificat... Write handoff_save Save a session handoff note for cross-device / cross-session continuation. Stored at handoffs/{project}-{to... Write login_and_get_key Log in to an existing AI Note account and return an MCP API key. No prior authentication required. SIDE EFF... Write sync_merge Compute a stateless 3-way merge for a vault file. Server runs `git merge-file --diff3 --stdout` over (base_... Write sync_push Push a markdown file into the primary vault. Optional CAS via base_sha to detect concurrent multi-PC writes... Write update_dev_doc Update an existing dev document. Supports replace (default), append, or prepend modes. Optionally update th... Write update_task Update an existing task. All fields are optional except id. Write vault_connect_status Check whether the user has installed the ainote GitHub App. If connected, returns account_login + installat... Write vault_create Create a new private vault as a GitHub repository under the user's account. Requires the user to have compl...
DESTRUCTIVE 4 tools
Destructive delete_dev_doc Soft-delete a dev document by title or UUID. Reversible from trash. Pass `category` when multiple docs shar... Destructive delete_task Soft-delete a task by ID. Destructive but reversible within 30 days (TaskCleanupJob purges trash daily at 2... Destructive handoff_get Retrieve a session handoff by project + topic. If date is omitted, returns the most recent matching handoff... Destructive sync_delete Delete a file from the primary vault. Optional CAS via base_sha to detect concurrent multi-PC writes. Prote...
// RUNNING THIS SERVER

The managed route: connect Ainote through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y @ainote/mcp
// FAQ
How many tools does the Ainote MCP server have? +

The Ainote MCP server exposes 32 tools across 3 categories: Read, Write, Destructive.

How do I enforce policies on Ainote tools? +

Route the Ainote server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do Ainote tools fall into? +

Ainote tools are categorised as Read (18), Write (10), Destructive (4). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.