Summary
Connects Claude to WorkBoard's OKR platform with 15 tools covering objectives, key results, users, and workstreams. You can check current OKR progress, update key result metrics for weekly check-ins, list team workstreams with action items, and create new objectives with key results if you have Data-Admin permissions. Built with security front and center: API tokens stay local via stdio transport, all inputs use Pydantic validation, and the codebase gets automated CVE scanning. Ships as a PyPI package or container on Quay.io. Useful if your team runs OKRs in WorkBoard and you want Claude to pull current progress, update metrics, or navigate the hierarchy of objectives and workstreams without leaving your terminal.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
MCP WorkBoard CrunchTools
A secure MCP (Model Context Protocol) server for WorkBoard OKR and strategy execution platform.
Overview
This MCP server is designed to be:
- Secure by default - Comprehensive threat modeling, input validation, and token protection
- No third-party services - Runs locally via stdio, your API token never leaves your machine
- Cross-platform - Works on Linux, macOS, and Windows
- Automatically updated - GitHub Actions monitor for CVEs and update dependencies
- Containerized - Available at
quay.io/crunchtools/mcp-workboardbuilt on Hummingbird Python base image
Naming Convention
| Component | Name |
|---|---|
| GitHub repo | crunchtools/mcp-workboard |
| Container | quay.io/crunchtools/mcp-workboard |
| Python package (PyPI) | mcp-workboard-crunchtools |
| CLI command | mcp-workboard-crunchtools |
| Module import | mcp_workboard_crunchtools |
Why Hummingbird?
The container image is built on the Hummingbird Python base image from Project Hummingbird, which provides:
- Minimal CVE exposure - Built with a minimal package set, dramatically reducing attack surface
- Regular updates - Security patches applied promptly
- Optimized for Python - Pre-configured with uv package manager
- Production-ready - Proper signal handling and non-root user defaults
Features
User Management (4 tools)
workboard_get_user- Get a user by ID or the current authenticated userworkboard_list_users- List all users (Data-Admin role required)workboard_create_user- Create a new user (Data-Admin role required)workboard_update_user- Update an existing user
Objective Management (4 tools)
workboard_get_objectives- Get objectives associated with a user (API capped at 15)workboard_get_objective_details- Get details for a specific objective with key resultsworkboard_get_my_objectives- Get the current user's owned objectives by ID (recommended)workboard_create_objective- Create a new objective with key results (Data-Admin required)
Key Result Management (2 tools)
workboard_get_my_key_results- List current user's key results with metric IDs and progressworkboard_update_key_result- Update key result progress for weekly OKR check-ins
Workstream Management (5 tools)
workboard_get_workstreams- Get team workstreams accessible to the authenticated userworkboard_get_workstream_activities- Get workstream details with all action itemsworkboard_get_team_workstreams- Get all workstreams belonging to a specific teamworkboard_create_workstream- Create a new workstream for a teamworkboard_update_workstream- Update workstream properties (name, dates, pace, health, priority)
Installation
With uvx (Recommended)
uvx mcp-workboard-crunchtools
With pip
pip install mcp-workboard-crunchtools
With Container
podman run -e WORKBOARD_API_TOKEN=your_token \
quay.io/crunchtools/mcp-workboard
Configuration
Getting a WorkBoard API Token
- Log in to your WorkBoard instance
- Navigate to Admin Settings > API Configuration
- Generate a JWT API token
- Copy the token immediately - store it securely
Add to Claude Code
claude mcp add mcp-workboard \
--env WORKBOARD_API_TOKEN=your_token_here \
-- uvx mcp-workboard-crunchtools
Or for the container version:
claude mcp add mcp-workboard \
--env WORKBOARD_API_TOKEN=your_token_here \
-- podman run -i --rm -e WORKBOARD_API_TOKEN quay.io/crunchtools/mcp-workboard
Usage Examples
Get Current User
User: Who am I in WorkBoard?
Assistant: [calls workboard_get_user with no args]
List All Users
User: List all WorkBoard users
Assistant: [calls workboard_list_users]
Get User Objectives
User: Show me objectives for user 12345
Assistant: [calls workboard_get_objectives with user_id=12345]
Get Objective Details
User: Get details on objective 67890 for user 12345
Assistant: [calls workboard_get_objective_details with user_id=12345, objective_id=67890]
Get My Objectives
User: Show me my objectives (IDs: 2900058, 2900075, 2901770)
Assistant: [calls workboard_get_my_objectives with objective_ids=[2900058, 2900075, 2901770]]
List My Key Results
User: Show me my key results
Assistant: [calls workboard_get_my_key_results]
Update Key Result Progress
User: Update key result 12345 to 75
Assistant: [calls workboard_update_key_result with metric_id=12345, value="75"]
Create an Objective
User: Create an objective called "Increase retention" owned by user@example.com
Assistant: [calls workboard_create_objective with name, owner, dates, and optional key_results]
List Workstreams
User: Show me my workstreams
Assistant: [calls workboard_get_workstreams]
Get Workstream Action Items
User: Show me the agenda for workstream 4130463
Assistant: [calls workboard_get_workstream_activities with ws_id=4130463]
Security
This server was designed with security as a primary concern. See SECURITY.md for:
- Threat model and attack vectors
- Defense in depth architecture
- Token handling best practices
- Input validation rules
Key Security Features
-
Token Protection
- Stored as SecretStr (never accidentally logged)
- Environment variable only (never in files or args)
- Sanitized from all error messages
-
Input Validation
- Pydantic models for all inputs
- Positive integer validation for IDs
- Email validation for user creation
-
API Hardening
- Hardcoded API base URL (prevents SSRF)
- TLS certificate validation
- Request timeouts
- Response size limits
-
Automated CVE Scanning
- GitHub Actions scan dependencies weekly
- Automatic issues for security updates
- Dependabot alerts enabled
Development
Setup
git clone https://github.com/crunchtools/mcp-workboard.git
cd mcp-workboard
uv sync
Run Tests
uv run pytest
Lint and Type Check
uv run ruff check src tests
uv run mypy src
Build Container
podman build -t mcp-workboard .
License
AGPL-3.0-or-later
Contributing
Contributions welcome! Please read SECURITY.md before submitting security-related changes.
Links
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →