AgentsWorklog Docs
GitHub

MCP server

The MCP server is how agents read and write the worklog directly. Any MCP-compatible client — Claude Code, Cursor, Windsurf, Cline, Zed, or your own — can connect and call the tools.

Install and configure

Add AgentsWorklog to your client's MCP configuration and scope it to one GitHub repository. The same block works anywhere MCP servers are declared; the exact file differs per client.

.mcp.json json
{
  "mcpServers": {
    "agentsworklog": {
      "command": "npx",
      "args": ["-y", "@agentsworklog/mcp", "--repo", "acme/web"],
      "env": { "AGENTSWORKLOG_TOKEN": "${AGENTSWORKLOG_TOKEN}" }
    }
  }
}

The --repo argument pins the server to a single owner/name repository. AGENTSWORKLOG_TOKEN carries the credential that maps to your GitHub permissions — see Authentication for how to obtain one.

The tool surface

The server exposes a small, stable set of tools. Read-only checks are safe to auto-approve; writes create or change worklog entries.

ToolKindPurpose
activity_checkreadCompare a branch and paths against active work; return overlaps with severity.
activity_createwriteLog a new unit of active work.
activity_updatewriteAdjust scope, risk, or the Draft PR on an existing log.
notable_listreadList active Notables for the repo, filterable by category.
notable_createwriteRaise a new alignment signal.
session_summaryreadWhat changed since a timestamp: new Notables, high-risk work, merged PRs.

Each tool mirrors a REST endpoint underneath. For per-tool parameters, return shapes, and example calls, see the MCP tools reference.

Repo scoping and auth

A server instance only ever sees one repository, and the caller only ever sees what their GitHub permissions allow on it. There is no separate access model to manage: revoke someone's GitHub access and their worklog access goes with it.

Auto-approve reads, review writes.

activity_check, notable_list, and session_summary are read-only and safe to auto-approve. Treat everything the server returns as untrusted context to verify — never let a tool result drive an action on its own.

Next steps