Skip to content

VIP MCP tools

The VIP MCP toolset, available via Secure MCP, provides operation tools, built-in schema utilities, and diagnostic prompts. Tools are registered per-user based on the authenticated user’s VIP Dashboard permissions. Tools the user cannot access are not visible to the agent.

TypeNotes
readNo state change.
writeState-changing, requires appropriate permissions.
⚠ writeDestructive or irreversible. Use with care.

Built-in utilities

Always available, regardless of permissions.

search

Search the GraphQL schema for types or root fields by exact or partial name. Use this before execute to discover available operations.

ParameterTypeDescription
terms[String!]!Type or field names to look up

execute

Run a custom GraphQL query or mutation when no dedicated operation tool covers the task. Always prefer a specific tool first. Use search to discover the correct field shape before writing a custom operation. Do not use this to run introspection queries. Instead, use introspection.

ParameterTypeDescription
queryString!The GraphQL query or mutation to execute
variablesJSONVariables for the operation

Application tools

ToolTypeDescription
app_getreadRetrieve detailed information about a single application by numeric ID. Returns name, repository, type, active status, organization, and environment list.
app_listreadList all applications accessible to the authenticated user with pagination and name filtering.
app_list_environmentsreadList all environments for a single application. Returns environment ID, name, type, active status, and unique label.

Organization tools

ToolTypeDescription
organization_listreadList all organizations accessible to the authenticated user with pagination and name filtering.
organization_getreadRetrieve organization details and the first 10 applications.
organization_list_audit_eventsreadRetrieve recent Audit Log events for an organization.
organization_invite_user⚠ writeSend invitations to 1 or more email addresses to join an organization. Specify Org role and optional App roles.
organization_remove_user⚠ writeRemove a user from an organization, revoking all roles and application permissions.

User tools

ToolTypeDescription
user_get_mereadRetrieve the currently authenticated user’s profile: ID, display name, and VIP status. No parameters required.

Environment tools

Deployments

ToolTypeDescription
environment_get_deploymentsreadRetrieve deployment history with commit SHA, branch, status, timestamps, rollback availability, and initiating user.
environment_deploy_validate_accesswriteCheck whether the authenticated user has permission to deploy to an environment. Use as a pre-flight check before environment_deploy_start_custom.
environment_deploy_start_customwriteTrigger a custom deployment to an environment.
environment_rollback⚠ writeRoll back an environment to a previous deployment by deployment ID. Use environment_get_deployments first to find a rollback-eligible deployment.

Domains and TLS

ToolTypeDescription
environment_get_domainsreadList all domains for an environment with TLS, DNS, verification status, and pagination.
environment_domain_getreadRetrieve detailed information about a single domain by ID or name, including TLS certificate status and DNS health.
environment_domain_addwriteAdd a new domain to an environment. Optionally generate a DNS TXT verification record.
environment_domain_remove⚠ writeDeactivate and remove a domain from an environment. Removing a domain makes it unreachable — confirm traffic is not being served on it first.
environment_domain_set_primary⚠ writeChange the primary domain for an environment. Affects WordPress site URL and all redirects.

Logs

ToolTypeDescription
environment_get_logsreadRetrieve runtime logs with pagination and optional type filter (app or batch). Returns a polling delay hint for efficient log tailing.
environment_get_slowlogsreadRetrieve MySQL slow query logs. Returns query text, execution time, rows examined, rows sent, and originating request URI.

Performance metrics

ToolTypeDescription
environment_get_metricsreadRetrieve timestamped performance measurements for an environment over a date range. Available metrics cover origin response time (P50/P75/P95), HTTP response codes (origin and edge), resource usage (PHP-FPM, memory, CPU), database (query counts, slow queries, data size), and cache (edge hit rate, Memcached).

Environment variables

ToolTypeDescription
environment_get_variablesreadList all custom environment variables for an environment.
environment_set_variablewriteCreate or update (upsert) an environment variable by name. Setting a variable to an empty string does not delete it — use environment_delete_variable instead.
environment_delete_variablewriteRemove an environment variable by name.

Security

ToolTypeDescription
environment_get_security_configsreadRetrieve the full security configuration in a single call: Basic Authentication, IP Restrictions, User Agent Restrictions, and Defensive Mode.
environment_basic_auth_addwriteAdd Basic Authentication users to protect an environment.
environment_basic_auth_deletewriteRemove Basic Authentication users from an environment.
environment_update_ip_restrictionswriteUpdate IP-based access restrictions. Accepts an action (allow or deny) and IP groups.
environment_update_user_agent_restrictionswriteReplace User Agent Restrictions. Full replace — groups not included in the input are removed.
environment_update_defensive_mode_statuswriteEnable or disable Defensive Mode without changing tuning configuration.
environment_update_defensive_mode_configwriteUpdate Defensive Mode configuration: challenge type, traffic thresholds, and enabled state.

Software versions

ToolTypeDescription
environment_get_software_settingsreadRetrieve current PHP, Node.js, and WordPress version settings, including pinned status and available releases.
environment_get_software_update_statusreadCheck the progress of a running software upgrade job.
environment_update_software_versionswriteUpdate PHP, Node.js, or WordPress version. Async — use environment_get_software_update_status to monitor.

Database backups

ToolTypeDescription
environment_database_backup_listreadList available database backup copies.
environment_database_backup_get_progressreadPoll the progress of a backup or backup-copy job.
environment_database_backup_startwriteTrigger an on-demand backup checkpoint (restore point). Async. Does not create a downloadable SQL dump — use environment_database_backup_start_copy.
environment_database_backup_start_copywriteInitiate creation of a downloadable SQL dump from an existing backup. Async.
environment_generate_backup_download_urlwriteGenerate a temporary download URL for a completed backup copy. Use after environment_database_backup_start_copy has finished.

Database access (phpMyAdmin)

ToolTypeDescription
environment_get_phpmyadmin_statusreadCheck whether phpMyAdmin is available for an environment (disabled, starting, running).
environment_enable_phpmyadmin_accesswriteEnable phpMyAdmin for an environment. Poll environment_get_phpmyadmin_status until status is running before generating access.
environment_generate_phpmyadmin_accesswriteGenerate a temporary authenticated URL for phpMyAdmin. Requires phpMyAdmin to already be enabled and running.

Media

ToolTypeDescription
environment_media_import_get_configreadRetrieve platform-wide media import constraints: maximum file size, file name length, and allowed file types.
environment_media_import_get_statusreadPoll the status of a media import.
environment_media_import_startwriteStart a media file import from a publicly accessible archive URL. Async.
environment_media_import_abortwriteCancel an in-progress media import.
environment_media_export_startwriteStart a media export from an environment.

SQL import

ToolTypeDescription
environment_sql_import_get_statusreadPoll the status of a SQL import job.
environment_sql_import_startwriteInitiate a SQL file import into an environment’s database. Async.

Cache

ToolTypeDescription
environment_purge_cachewriteClear the page cache for specific URLs on an environment. Provide the application ID, environment ID, and the list of URLs to purge.

WP-CLI

ToolTypeDescription
environment_run_wpcliwriteExecute a WP-CLI command on an environment. The command string must not include the leading wp. Returns an input token and command details, including execution status and timestamps.

Note

WP-CLI output does not stream. Long-running commands are not supported.

Data sync

ToolTypeDescription
environment_syncwriteTrigger a data sync between environments (e.g., production to staging). Returns detailed progress including sync type, timestamps, and step results. Only available on environments where data sync is enabled.

Audit events

ToolTypeDescription
environment_list_audit_eventsreadRetrieve recent Audit Log events for an environment. Mutating MCP tool calls appear here alongside VIP Dashboard actions, attributed to the OAuth-authorized user.

WordPress sites (multisite)

ToolTypeDescription
environment_get_wp_sitesreadList network sites for a WordPress multisite environment. Returns blog ID, site URL, home URL, launch status, active plugins, and Jetpack details.

Environment lifecycle

ToolTypeDescription
environment_create_child⚠ writeCreate a new non-production environment (staging, develop) as a child of a production application. Optionally specify branch, PHP version, and Node.js version. Creates a new environment that consumes platform resources.
environment_verify_retiredreadCheck whether a specific environment has been successfully decommissioned. Use after environment_retire to confirm.
environment_retire⚠ writePermanently decommission an environment. Irreversible — the environment is taken offline and cannot be easily restored. Use environment_verify_retired after to confirm.

Last updated: July 02, 2026

Relevant to

  • Node.js
  • WordPress