"How to access Supabase with write permissions" matching MCP tools:

• agent_operators_set

  fomox402 — Last-Bidder-Wins on Solana

  Mutate the operator whitelist with an owner-signed payload. WHAT IT DOES: POSTs /v1/agents/:agent_wallet/operators with { payload, signature }. Broker enforces that the signer is the OWNER (agent_wallet itself) — operator-signed mutations of the whitelist are rejected even if the signer is otherwise authorised to write configs. Headless — the broker NEVER signs. WHEN TO USE: granting / revoking write access for a sidecar process, rotating an operator key, or wiping the whitelist before retiring an agent. OPS: add — append `operator` to the list (idempotent on existing entry) remove — drop `operator` from the list (idempotent on missing entry) set — replace the entire list with `operators` (use [] to wipe) PAYLOAD CANONICALISATION: broker re-stringifies `payload` with sorted keys and no whitespace before verifying the signature. Sign that exact form. RETURNS: OperatorsList after the mutation. FAILURE MODES: operators_set_failed (bad_signature) — payload != signed bytes operators_set_failed (signer_not_owner) — only the owner may mutate the list operators_set_failed (payload_expired) — broker 410 operators_set_failed (nonce_replayed) — duplicate nonce RELATED: agent_operators_list (read), agent_equip_set (the permission you're granting).

  Connector

• rotate_key

  BorealHost

  Atomically rotate an API key. Old key is immediately invalidated. Creates a new key with the same name, scopes, and rate limits. The new key is returned once — store it immediately. Requires: API key with write scope. Args: key_id: UUID of the API key to rotate (get from whoami()) Returns: {"api_key": "bh_...", "key_id": "uuid", "prefix": "bh_...", "scopes": ["read", "write"], "message": "Key rotated. Store securely."} Note: The old key stops working immediately. Update BOREALHOST_API_KEY right away.

  Connector

• agent_operators_set

  fomox402

  Mutate the operator whitelist with an owner-signed payload. WHAT IT DOES: POSTs /v1/agents/:agent_wallet/operators with { payload, signature }. Broker enforces that the signer is the OWNER (agent_wallet itself) — operator-signed mutations of the whitelist are rejected even if the signer is otherwise authorised to write configs. Headless — the broker NEVER signs. WHEN TO USE: granting / revoking write access for a sidecar process, rotating an operator key, or wiping the whitelist before retiring an agent. OPS: add — append `operator` to the list (idempotent on existing entry) remove — drop `operator` from the list (idempotent on missing entry) set — replace the entire list with `operators` (use [] to wipe) PAYLOAD CANONICALISATION: broker re-stringifies `payload` with sorted keys and no whitespace before verifying the signature. Sign that exact form. RETURNS: OperatorsList after the mutation. FAILURE MODES: operators_set_failed (bad_signature) — payload != signed bytes operators_set_failed (signer_not_owner) — only the owner may mutate the list operators_set_failed (payload_expired) — broker 410 operators_set_failed (nonce_replayed) — duplicate nonce RELATED: agent_operators_list (read), agent_equip_set (the permission you're granting).

  Connector

• agent_equip_set

  fomox402 — Last-Bidder-Wins on Solana

  Write a STRAT config with a caller-signed payload (CAS-protected). WHAT IT DOES: POSTs /v1/agents/:agent_wallet/config with { payload, signature }. Broker verifies the signature against the agent's owner key OR any wallet on the operator whitelist (see agent_operators_list), checks `expected_version` against the current AgentConfig.version, and writes the new config atomically. Headless — the broker NEVER signs. WHEN TO USE: after a tower floor is claimed, push the STRAT config the tower v0 worker should run. Write again whenever you want to retune the strategy. Refetch with agent_equip_get on a 409 conflict and retry with the bumped expected_version. PAYLOAD CANONICALISATION: broker re-stringifies `payload` with sorted keys and no whitespace before verifying the signature. Sign that exact form. RETURNS: AgentConfig — same shape as agent_equip_get, with `version` incremented to the new high-water mark. FAILURE MODES: equip_set_failed (bad_signature) — payload != signed bytes equip_set_failed (signer_not_authorized) — signer is neither owner nor operator equip_set_failed (version_mismatch) — refetch + retry (broker 409) equip_set_failed (payload_expired) — broker 410 equip_set_failed (nonce_replayed) — broker rejected duplicate nonce RELATED: agent_equip_get (read current version), agent_operators_set (grant another wallet permission to write configs on this agent's behalf).

  Connector

• agent_equip_set

  fomox402

  Write a STRAT config with a caller-signed payload (CAS-protected). WHAT IT DOES: POSTs /v1/agents/:agent_wallet/config with { payload, signature }. Broker verifies the signature against the agent's owner key OR any wallet on the operator whitelist (see agent_operators_list), checks `expected_version` against the current AgentConfig.version, and writes the new config atomically. Headless — the broker NEVER signs. WHEN TO USE: after a tower floor is claimed, push the STRAT config the tower v0 worker should run. Write again whenever you want to retune the strategy. Refetch with agent_equip_get on a 409 conflict and retry with the bumped expected_version. PAYLOAD CANONICALISATION: broker re-stringifies `payload` with sorted keys and no whitespace before verifying the signature. Sign that exact form. RETURNS: AgentConfig — same shape as agent_equip_get, with `version` incremented to the new high-water mark. FAILURE MODES: equip_set_failed (bad_signature) — payload != signed bytes equip_set_failed (signer_not_authorized) — signer is neither owner nor operator equip_set_failed (version_mismatch) — refetch + retry (broker 409) equip_set_failed (payload_expired) — broker 410 equip_set_failed (nonce_replayed) — broker rejected duplicate nonce RELATED: agent_equip_get (read current version), agent_operators_set (grant another wallet permission to write configs on this agent's behalf).

  Connector

• agent_equip_get

  fomox402 — Last-Bidder-Wins on Solana

  Read an agent's STRAT config (the parameters its tower floor runs on). WHAT IT DOES: GETs /v1/agents/:agent_wallet/config. Public read — anyone can audit any agent's strategy. The returned `version` is the CAS token you pass to agent_equip_set as `expected_version` on the next write. WHEN TO USE: before agent_equip_set (to compute the next expected_version), or just to inspect what a competitor's floor is configured to do. RETURNS: AgentConfig — { agent_wallet, version, updated_at, updated_by, config: { strategy, max_bid_raw, cooldown_sec, aggression_bps, custom } }. FAILURE MODES: equip_get_failed (404) — agent has never written a config; treat the version baseline as 0 on the first write. RELATED: agent_equip_set (write), agent_operators_list (who can write).

  Connector

• get_integration_guide

  TestMyVibes

  Returns the canonical guide for using TMV from a coding-agent context. Covers the fix-test-retest loop, how to write a good test prompt, how to read the actionTrail / consoleErrors / failedRequests outputs, and common gotchas. Call this first if you're a new agent on a project — it'll save you a debug session. The same content is served at https://testmyvibes.com/docs/coding-agents.

  Connector

• register

  BorealHost

  Register a new agent account and get an API key. No authentication needed. The returned API key grants read+write access to all BorealHost API endpoints. Store it securely — it cannot be retrieved again. The key is automatically activated for this session — all subsequent tool calls will use it. No extra configuration needed. If no email is provided, a synthetic agent identity is created (agent-{uuid}@api.borealhost.ai). If an email is provided, it links to an existing or new human account. Args: name: Human-readable name for this API key (default: "Agent Key") email: Optional email to link to a human account Returns: {"api_key": "bh_...", "key_id": "uuid", "prefix": "bh_...", "scopes": ["read", "write"], "account_id": "uuid", "message": "Store this API key securely..."} Errors: RATE_LIMITED: Max 5 registrations per IP per hour VALIDATION_ERROR: Invalid email format

  Connector

• add_ssh_key

  BorealHost

  Inject your SSH public key into a site's container for direct SSH access. The key is appended to /home/admin/.ssh/authorized_keys. Only available for VPS/dedicated plans. Requires: API key with write scope. Args: slug: Site identifier public_key: SSH public key string. Supported types: ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp256/384/521 Returns: {"success": true, "message": "SSH key added", "ssh_command": "ssh admin@184.107.x.x"} Errors: VALIDATION_ERROR: Invalid or unsupported key format FORBIDDEN: Plan does not support SSH

  Connector

• agent_equip_get

  fomox402

  Read an agent's STRAT config (the parameters its tower floor runs on). WHAT IT DOES: GETs /v1/agents/:agent_wallet/config. Public read — anyone can audit any agent's strategy. The returned `version` is the CAS token you pass to agent_equip_set as `expected_version` on the next write. WHEN TO USE: before agent_equip_set (to compute the next expected_version), or just to inspect what a competitor's floor is configured to do. RETURNS: AgentConfig — { agent_wallet, version, updated_at, updated_by, config: { strategy, max_bid_raw, cooldown_sec, aggression_bps, custom } }. FAILURE MODES: equip_get_failed (404) — agent has never written a config; treat the version baseline as 0 on the first write. RELATED: agent_equip_set (write), agent_operators_list (who can write).

  Connector

• save_note

  anamnese

  Save a new note with learned knowledge or procedures. Notes store knowledge you learn during conversations that might be useful later: - How to do something in this codebase/project - Procedures, configurations, or technical details - Solutions to problems encountered - Project-specific knowledge Notes have two parts: - description: Short summary for searching (max 500 chars) - content: Detailed knowledge (max 10,000 chars) Use notes for LEARNED KNOWLEDGE. Use facts for TRUTHS ABOUT THE USER. Examples: - description: "How to deploy this Next.js project to Vercel" content: "1. Run 'vercel' command... 2. Configure environment variables..." - description: "Database migration process for this project" content: "Migrations are in supabase/migrations/. To apply: npx supabase db push..." SELF-LEARNING (scope="ai_client"): Your persistent memory across conversations. Save a note whenever you learn something worth remembering — don't wait, save as you go. Examples: - User preferences: "User prefers concise answers, not long explanations" - Corrections: "User clarified: 'deploy' means push to staging, not production" - Interaction patterns: "User likes to review plans before I execute" - What works or doesn't: "Suggesting refactors unprompted frustrates this user" The more you learn and remember, the better you become at helping this user.

  Connector

• create_api_key

  BorealHost

  Create a new API key with specified scopes. Cannot create keys with higher scopes than the current key. Site-scoped keys restrict access to a single site. Requires: API key with write scope. Args: name: Human-readable name for the key (1-100 chars) scopes: Comma-separated scopes. Options: "read", "read,write", "read,write,admin". Default: "read" site_slug: Optional — restrict the key to a single site. Omit for account-wide access. Returns: {"api_key": "bh_...", "key_id": "uuid", "prefix": "bh_...", "name": "My Key", "scopes": ["read", "write"], "message": "Store this API key securely — it will not be shown again."} Errors: VALIDATION_ERROR: Invalid name, scopes, or max 25 active keys FORBIDDEN: Cannot create keys with higher scopes than current key

  Connector

• list_campaigns

  argo-mcp

  List all Argo campaigns the current grant token has access to, including the access level ("read" or "read+write") for each. Call this first when the user has not provided a campaign ID. Each entry includes both `campaignName` and `id` (shown inline as `[id: …]` and also in structuredContent.idMap). Use the `id` verbatim for any subsequent tool call that takes a `campaignId`. In prose to the user, refer to campaigns by `campaignName`; do not print the raw `id` unless asked.

  Connector

• set_cell_contents

  Bilig WorkPaper

  Write raw content to one cell and recalculate dependents in memory only. Start with --writable when the edit should persist to JSON.

  Connector

• delete_cron

  BorealHost

  Delete a cron job by line number. Get line numbers from list_cron(). Requires: API key with write scope. Args: slug: Site identifier line_number: Line number of the cron entry to delete Returns: {"deleted": true}

  Connector

• create_session

  sncro

  Create a new sncro session. Returns a session key and secret. Args: project_key: The project key from CLAUDE.md (registered at sncro.net) git_user: The current git username (for guest access control). If omitted or empty, the call is treated as a guest session — allowed only when the project owner has "Allow guest access" enabled. brief: If True, skip the first-run briefing (tool list, tips, mobile notes) and return a compact response. Pass this on the second and subsequent create_session calls in the same conversation, once you already know how to use the tools. After calling this, tell the user to paste the enable_url in their browser. Then use the returned session_key and session_secret with all other sncro tools. If no project key is available: tell the user to go to https://www.sncro.net/projects to register their project and get a key. It takes 30 seconds — sign in with GitHub, click "+ Add project", enter the domain, and copy the project key into CLAUDE.md.

  Connector

• agent_operators_list

  fomox402

  Read an agent's operator whitelist (who can write configs on its behalf). WHAT IT DOES: GETs /v1/agents/:agent_wallet/operators. Public read. WHEN TO USE: before agent_equip_set (confirm the signer wallet is on the list), or to audit who else has write access to a competitor's config. RETURNS: { agent_wallet, owner, operators: [{ wallet, role: 'owner'|'operator', added_at, added_by }], count }. RELATED: agent_operators_set (mutate — owner-only), agent_equip_set (operators may write configs but not modify this list).

  Connector

• create_backup

  BorealHost

  Create a manual backup (runs asynchronously). The backup starts in the background. Poll list_backups() to check status. Requires: API key with write scope. Args: slug: Site identifier Returns: {"id": "uuid", "status": "pending", "message": "Backup started. Poll list_backups() to check status."}

  Connector

• build_permission_transaction

  powersun-tron-mcp

  Build an AccountPermissionUpdate transaction that grants the PowerSun platform permission to delegate/undelegate resources and optionally vote on your behalf. Returns an unsigned transaction that you must sign with your private key and then broadcast using broadcast_signed_permission_tx. All existing account permissions are preserved. Requires authentication.

  Connector

• get_food_environment

  USDA Food Access

  Get county-level food access risk profiles using Census ACS data. Constructs food access risk profiles by combining vehicle access (B25044), poverty status (B17001), and SNAP participation (B22001). Limited vehicle access combined with high poverty indicates food desert risk. Useful for identifying areas with barriers to food access in grant applications. Args: state: Two-letter state abbreviation (e.g. 'WA', 'MS') or 2-digit FIPS code. county_fips: Three-digit county FIPS code (e.g. '033' for King County, WA). Omit to get all counties in the state.

  Connector