Tools & MCP โ
HiveMind OS comes loaded with built-in tools โ and can connect to virtually any external service through the Model Context Protocol (MCP).
Built-in Tools โ
Every HiveMind OS installation ships with a rich set of tools the agent can call to get things done:
| Category (prefix) | What It Does | |
|---|---|---|
| ๐ | filesystem.* | Read, write, list, search, and glob files on your machine |
| ๐ป | shell.* | Execute commands in a sandboxed environment with configurable approval |
| โ๏ธ | core.* | Core agent operations and internal utilities |
| ๐ง | knowledge.* | Query, create, and update nodes in the knowledge graph |
| ๐ | http.* | Fetch URLs and make HTTP requests |
| ๐ | json.* | JSON parsing, querying, and transforms |
| ๐ข | math.* | Mathematical operations and calculations |
| ๐ | datetime.* | Date and time utilities |
| ๐ | process.* | Process management and execution |
| โก | workflow.* | Workflow orchestration and management |
| ๐ฌ | comm.* | Communication and notifications |
| ๐ | calendar.* | Calendar access and scheduling |
| ๐ค | contacts.* | Contact management |
| ๐พ | drive.* | Drive and storage access |
| ๐ | connector.* | External service connectors |
These tools are always available โ no setup required. The agent calls them automatically as part of its agentic loop.
Connector Plugins โ
The connector.* tools above come from connectors you configure in Settings. Beyond the built-in connectors (Gmail, Slack, Microsoft 365, etc.), you can build custom connector plugins that add new tools, background sync loops, and configuration UIs โ all in TypeScript.
Connector plugins use a protocol that is a superset of MCP: standard tools/list and tools/call methods plus additional host APIs for messaging, secrets, storage, and more. This means every connector plugin also works as a standard MCP tool server.
Developer?
See the Plugin Development Guide to build your own connector plugin.
What Is MCP? โ
MCP in Plain English
Model Context Protocol is an open standard for connecting AI agents to external tools and data sources. Think of it as USB ports for your AI โ plug in any compatible server and the agent instantly gains new capabilities, from browsing GitHub repos to querying databases.
MCP is maintained as an open-source specification at modelcontextprotocol.io. The full protocol specification is at modelcontextprotocol.io/specification.
The protocol is supported by a wide ecosystem โ Claude, ChatGPT, VS Code, Cursor, and many other AI applications all speak MCP. Servers you configure in HiveMind OS work with any MCP-compatible client, and vice versa.
Protocol Concepts โ
MCP defines three categories of capabilities that servers can expose:
| Capability | What It Provides | Example |
|---|---|---|
| Tools | Functions the agent can call | create_issue, run_query, send_message |
| Resources | Contextual data for the model or user | File contents, database schemas, API documentation |
| Prompts | Templated messages and workflows | A "summarise PR" prompt template with input parameters |
When you connect an MCP server, HiveMind OS automatically discovers all three and makes them available to the agent โ just like built-in tools.
Transports โ
MCP servers communicate over two transport types:
| Transport | How It Works | Best For |
|---|---|---|
| stdio | Runs as a local process on your machine | Fast, private, no network required |
| SSE / Streamable HTTP | Connects to a remote server over HTTP | Shared corporate tools, cloud-hosted services |
The transport is transparent to the agent โ it calls tools the same way regardless of where the server is running.
Adding an MCP Server โ
MCP servers are configured per persona โ each persona gets its own set of integrations, so a Data Analyst persona can have a Postgres server without it cluttering your Code Reviewer.
- Open Settings โ Personas and select a persona
- In the MCP Servers section, click Add Server
- Choose a transport type (stdio for local, HTTP for remote)
- Fill in the connection details and save
Here's an example configuration that adds three MCP servers:
mcp_servers:
- id: filesystem
transport: stdio
command: npx @modelcontextprotocol/server-filesystem /Users/me/projects
channel_class: local-only
- id: github
transport: stdio
command: npx @modelcontextprotocol/server-github
env:
GITHUB_TOKEN: env:GITHUB_TOKEN
channel_class: internal
- id: corporate-kb
transport: streamable-http
url: https://internal.corp/mcp
headers:
Authorization: "Bearer ${CORP_TOKEN}"
channel_class: internalPopular MCP Servers to Try
- GitHub โ manage repos, PRs, and issues directly from conversation
- Filesystem โ enhanced file browsing with directory trees and search
- Brave Search โ web search without leaving HiveMind OS
- Postgres / SQLite โ query your databases in natural language
- Slack โ read and send messages across your workspace
Browse the full directory at MCP Servers Directory.
Tool Approval Policies โ
Not every tool should run without oversight. HiveMind OS lets you set a policy for each tool:
| Policy | Behaviour |
|---|---|
| Auto | Tool runs immediately without asking โ best for trusted, read-only tools |
| Ask | Prompts you for confirmation before running (default for new tools) |
| Deny | Tool is blocked entirely โ it won't appear in the agent's available actions |
You can configure these per-tool in your agentic loop config:
tool_policy:
auto_approve:
- filesystem.read
- github.get_issue
require_confirmation:
- filesystem.write
- github.create_pr
deny:
- shell.executeChannel Classification on Tools โ
MCP servers get a channel classification level just like other outbound channels. The same data-classification rules apply: the agent will never send CONFIDENTIAL data to a server classified as public.
This means you can safely mix trusted internal servers with public ones โ HiveMind OS enforces the boundaries automatically. A GitHub server classified as internal can see your private repo names, but a public search server won't receive anything beyond PUBLIC data.
OS-Level Sandboxing โ
MCP servers that run as local processes (stdio transport) are executed inside an OS-level sandbox that restricts what the process can access on your machine:
| Platform | Mechanism |
|---|---|
| macOS | sandbox-exec with generated Seatbelt profiles |
| Linux | Landlock (kernel 5.13+) with bubblewrap fallback |
| Windows | Restricted tokens (low integrity) + Job Objects |
The sandbox enforces:
- Filesystem restrictions โ the process can only read and write to explicitly allowed paths. Sensitive directories like
~/.ssh,~/.aws,~/.gnupg, and~/.kubeare denied by default. - Network control โ network access can be allowed or blocked per server.
- System path access โ standard system directories (like
/usr,/bin, orC:\Windows) are allowed read-only so the process can function, but nothing beyond that.
Sandboxing is enabled by default. If a sandbox mechanism isn't available on the host, the process falls back to running unsandboxed.
Customising the sandbox
You can grant additional read or write paths per MCP server if it needs access to specific directories. See the MCP Servers Guide for configuration details.
Example: Summarise Your Open PRs โ
Connect the GitHub MCP server and try this:
"Summarise my open pull requests and flag any that have been waiting for review for more than 3 days."
HiveMind OS will call the GitHub MCP server's tools to list your PRs, check review status, and present a neat summary โ all without you writing a single API call.
Managed Runtimes โ
Many tools and MCP servers require Node.js or Python to run. HiveMind OS ships with managed runtimes that are downloaded automatically โ the agent uses these instead of relying on your system-installed versions. This ensures consistent behaviour for shell commands, process execution, and MCP stdio servers like npx @modelcontextprotocol/server-github.
MCP vs Agent Skills โ
MCP and Agent Skills are complementary standards:
| MCP | Agent Skills | |
|---|---|---|
| Provides | Callable tools, resources, prompts | Knowledge, procedures, scripts |
| Analogy | The wrench in your toolbox | The instruction manual for using it |
| Spec | modelcontextprotocol.io | agentskills.io |
| Example | A GitHub server that can create PRs | A skill that teaches the agent how to write good PR descriptions |
HiveMind OS supports both โ connect MCP servers for actions, install skills for expertise.
Learn More โ
- MCP Specification โ The full open protocol standard
- MCP Servers Directory โ Browse available servers
- Configure MCP Servers โ Detailed setup guide for MCP
- Agent Skills โ How skills complement tools with knowledge and procedures
- Privacy & Security โ How classification protects your data across tools
- Plugin Development Guide โ Build custom connector plugins
- Agentic Loops โ How the agent decides which tools to call