Inside the first cut of the ctrlsignal MCP server — ctrlsignal
Blog

Inside the first cut of the ctrlsignal MCP server

Published May 05, 2026

We're shipping an MCP server in stages. Here are the tools that go in first, the ones that wait, and why.

The shape of the first cut

An MCP server is, in practice, a list of tools the assistant can call. So the design question is just: which tools first? We picked the smallest set that makes a real difference for the kind of owner ctrlsignal is for — someone who runs a real business and treats the website as one of many things they have to keep up with.

Reads first

Reads ship before writes. Lower blast radius, easier to trust, and honestly more of what people actually want.

  • list_leads — recent submissions with source, page, and a one-line summary.
  • get_lead — full record plus delivery audit (did HubSpot accept it? did the welcome email send?).
  • list_pages — pages on the live site, with last-published time and SEO state.
  • get_page — page content as structured sections, not raw HTML.
  • list_bookings — slots and who booked what, this week.
  • site_health — alerts, recent errors, broken integrations.

Writes that earn their keep

Writes are gated, audit-logged, and limited to actions we already trust over the mobile API. The bar is: would a non-technical owner reasonably ask their assistant to do this? If the answer is "they'd want to look at it first," it stays in the editor.

  • add_note_to_lead — same as the mobile app's note field.
  • update_booking_availability — block out time, change weekly hours.
  • publish_draft — promote the current draft. Returns the diff first; the assistant has to confirm.
  • configure_lead_action — wire a form to HubSpot or Mailersend, with the same validation the settings UI runs.

What we're keeping out (for now)

Free-form HTML edits aren't in the first cut. The risk profile is different: an assistant with a content-edit tool can quietly rewrite copy, swap an image, or break a layout, and the owner won't see it until a customer points it out. We'd rather route those through the editor or the AI toolbox where there's a visible diff and a human "looks good."

Domain, billing, and account-deletion actions are also off the table. Those are the ones a stray autonomous loop could really hurt you with. They stay behind a real login.

How auth works

The MCP server authenticates the same way our mobile API does — a short-lived token issued from the portal. You'll generate it in Settings → Integrations and paste it into your assistant once. Tokens are revocable; there's a per-account audit log of every MCP call.

When

The reads ship first, in beta, behind a flag. Writes follow once we've watched real traffic for a few weeks. If you'd like to be on the beta list, ping us — beta access pairs with a beta code on signup.

Ready to try it? Start building with ctrlsignal →