// MCP TOOL REFERENCE

SHELLGATE TOOLS

31 tools from the Shellgate MCP Server, categorised by risk level.

View the Shellgate policy →
// ALL 31 SHELLGATE TOOLS
READ 16 tools
Read bootstrap Returns all targets, skills, webhooks, memories, wiki pages, and vaults. Call at session start if not alrea... Read api_download Download an image response from an API target through Shellgate and return a temporary MCP resource link. U... Read discover Alias for bootstrap — returns targets, skills, webhooks, memories, wiki pages, and vaults. Read mail_attachment Download an email attachment by UID and part ID. Returns base64-encoded content. Read mail_folders List all folders/labels in the mailbox. Read mail_read Read a full email message by UID. Returns from, to, cc, subject, date, text, html, flags, and attachment me... Read mail_search Search emails in a mailbox. Returns message list with uid, from, to, subject, date, flags. Read memory_list Returns a compact index of all accessible memories (id, summary, visibility, user, updatedAt). Call at sess... Read memory_read Returns the full content of a specific memory. Only fetch memories relevant to your current task — don Read org_skill_list List all organization-wide skills shared across Shellgate agents (slug and description) Read org_skill_read Read the full content of a shared organization skill from Shellgate Read vault_search Search for credential items in vaults accessible to this token. Returns item handles with non-sensitive fie... Read webhook_poll Poll for pending webhook events Read wiki_lint_page Validate a wiki page Read wiki_list_pages Browse the wiki index. Returns slug, title, namespace, tags, summary, status, version, updatedAt, updatedBy... Read wiki_read_page Read a wiki page
WRITE 9 tools
Write webhook_ack Acknowledge processed webhook events Write blind_fill Fill a sensitive vault field into a browser element via CSS selector. The secret never appears in the agent... Write mail_draft Create a draft email in the Drafts folder. Write mail_flag Set or unset flags on an email (e.g. \\\\Seen, \\\\Flagged). Write mail_move Move an email to a different folder. Write mail_send Send an email. Requires approval — first call returns approval_required, re-call with approved: true after ... Write memory_add Store a fact, preference, or learning. Rules: - summary: one-line description (max 500 chars) — this is the... Write org_skill_upsert Create or update a shared organization skill in Shellgate. Content must be full markdown with YAML frontmat... Write wiki_upsert_page Create or update a wiki page. For updates, pass expectedVersion for optimistic concurrency. Write-back patt...
DESTRUCTIVE 3 tools
Destructive memory_delete Delete a memory that is outdated, incorrect, or superseded. Prefer updating (delete + add) over keeping sta... Destructive org_skill_delete Delete a shared organization skill from Shellgate Destructive wiki_delete_page Archive a wiki page (soft delete). Sets status to
EXECUTE 3 tools
Execute ssh_exec Execute a command on an SSH target. If the response has status Execute api_request Proxy an HTTP request through the gateway to an upstream API target. If the response has status Execute blind_type Type a sensitive vault field value using keyboard events. The target field must be focused. The secret neve...

Route Shellgate through PolicyLayer and every one of its 31 tools is checked against your policy before it runs.

CHECK YOUR STACK →

See every tool, the dangerous ones, and the token cost across your stack.

// FAQ
How many tools does the Shellgate MCP server have? +

The Shellgate MCP server exposes 31 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on Shellgate tools? +

Route the Shellgate server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Shellgate tools fall into? +

Shellgate tools are categorised as Read (16), Write (9), Destructive (3), Execute (3). Each category has a recommended default policy.

Enforce policy on every Shellgate tool call.

Start from Shellgate, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.