CaveCMS
MCP server

Connect your AI
to your live site.

Every CaveCMS install ships an MCP server. Connect Claude Code, Cursor, Windsurf, or Codex with one command and your AI gets typed, named tools for your site: read a page, build a whole new one, rewrite a section, reorder projects, change the branding, even take and restore a backup of the whole site. It reaches the same validated, audited engine the dashboard uses, scoped to a token you control.

On this page

What it isConnectWhat it can doScoped and safeMCP or the API

The short version

What CaveMCP is.

MCP (the Model Context Protocol) is the open standard AI tools use to talk to outside systems. CaveCMS speaks it natively: a server runs inside your install at /api/cms/mcp, no extra package to deploy.

Instead of your agent guessing at raw HTTP calls, it gets a clean set of tools, the same way it gets file or terminal tools. It reads your real content, proposes changes, and writes them through the exact code path your own editor uses, so the two can never drift apart.

Why it beats a bolted-on AI plugin

  • Typed tools, not freehand HTTP: fewer mistakes, faster edits.
  • In every install. Nothing to host, nothing to wire up.
  • Same engine as the dashboard, so every write is validated, sanitized, and audited.
  • Works with the editor you already use: Claude Code, Cursor, Windsurf, Codex.

One command

Connect your editor.

Mint a token in Settings → API Tokens (pick a role and the scopes you want it to have), then add the server to Claude Code:

Any MCP client connects the same way: point it at https://your-site.com/api/cms/mcp with an Authorization: Bearer cave_… header. The tools your agent sees are exactly what that token’s role and scopes allow.

Claude Code

claude mcp add --transport http cavecms \
  https://your-site.com/api/cms/mcp \
  --header "Authorization: Bearer cave_YOUR_TOKEN"

Cursor / Windsurf (mcp.json)

{
  "mcpServers": {
    "cavecms": {
      "url": "https://your-site.com/api/cms/mcp",
      "headers": { "Authorization": "Bearer cave_YOUR_TOKEN" }
    }
  }
}

New to minting tokens? The token walkthrough covers it step by step.

The toolset

Build anything you can build by hand.

The server exposes the whole CMS as tools, around four dozen of them. The headline one, edit_page, builds an entire page (its sections, columns, and widgets) in a single transactional call, so an agent assembles a finished page in seconds.

Your agent only ever sees the tools its token permits. A read-only token shows a handful of read tools; a full admin token shows them all.

Beyond editing, the same agent can publish and protect: promote a local or staging build to your live site with cavecms push, and take or restore a backup, all without leaving the terminal. See shipping to production.

Pageslist, read, create, update, delete, restore, preview
Blocksedit_page (build a whole page in one call), update, create, delete, duplicate, reorder
Posts & projectsfull CRUD, restore, reorder, edit project sections
Medialist, read, upload, delete
Librarysaved blocks, instantiate templates
Sitenavigation menus, content and branding settings
Backupstake a backup, restore, list, and set the destination (Google Drive, OneDrive, local), schedule, and encryption

Scoped and safe

It can only do what you allow.

The token is the leash. Give it a role (viewer, editor, or admin) as a ceiling, then narrow it to specific resources: edit the blog only, read pages only, whatever the job needs. A write grant includes read; a delete grant includes write.

No token, of any role, can reach user accounts, security settings, secrets, or the updater. Deleting anything asks for an explicit confirmation first.

  • Per-resource scopes. Grant only what the agent needs across pages, posts, projects, blocks, media, nav, and settings.
  • Audited to the token. Every change records which token made it, not just which person, so an agent’s edits are traceable.
  • Revocable and rotatable. Kill or re-issue a token in one click. The old secret stops working the same second.

Which path

MCP, or the plain API.

Two ways to let AI run your site, both landing on the same validated engine. Use whichever your tool prefers.

MCP (this page)

Native, typed tools for MCP-aware editors like Claude Code, Cursor, and Windsurf. The cleanest path: one command, and the agent just has the tools.

AGENTS.md and the HTTP API

Point any AI tool at the AGENTS.md guide and it drives the HTTP API directly. Works with anything that can make a request.

← Previous

AI agents

Next →

Deploy

Keep going

Related

AI agents

Point Cursor, Claude Code, Windsurf, or Codex at your site: what AGENTS.md is, how to mint a token, and how to make your first change by prompt.

View

API reference

The complete CaveCMS HTTP API. Authenticate with a token, read your content, and edit a whole page in one batched request.

View

Get started

Four steps to a real CaveCMS site on your own server. About twenty minutes, most of it spent picking a domain.

View