# Using Rockhopper with an AI Assistant Rockhopper exposes your spreadsheet workspace to AI assistants like **Cursor**, **Claude Desktop**, **Claude Code**, **VS Code**, **Claude.ai**, and **ChatGPT** through the [Model Context Protocol (MCP)](https://modelcontextprotocol.io). Once connected, the AI can read your enrolled files, summarize changes, surface review requests, and (with your explicit permission) post comments or open reviews on your behalf. This page is a plain-language tour of **what your AI can do**, **what it can't do**, and **how it stays inside your permissions**. For technical setup instructions, see [MCP Server (AI Integration)](/it-setup/mcp-server.md). For testing the integration with a UI, see [Postman Workspace](/it-setup/mcp-postman-workspace.md). ## What your AI can do The AI assistant gets sixteen "tools" it can choose to call on your behalf, plus a small set of pre-built workflows ("prompts") and read-only data sources ("resources"). Each tool is one of two flavors: * **Read-only** — the AI can look but not touch. * **Read-write** — the AI can also post comments, open reviews, and rename files. You decide which flavor your AI gets when you create the Personal Access Token. Start with read-only and only upgrade if you have a workflow that genuinely needs writes. ### Read-only — what your AI can see | Capability | What you'll ask | What happens behind the scenes | | ------------------ | --------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | | List your files | *"Show me my Rockhopper files."* | The AI calls `list_files`, returns names and types. | | Search by name | *"Find any file with 'budget' in the name."* | `search_files` filters by substring. | | Version history | *"What versions exist of Q2 Forecast?"* | `get_file_versions` returns every committed snapshot with author + timestamp. | | Cell-level history | *"How did B10 in Sheet1 change between v1.4 and v1.7?"* | `get_cell_history` walks the cell across versions and returns old/new values. | | Pending changes | *"What's been edited in Budget.xlsx that hasn't been committed yet?"* | `get_unattributed_changes` lists live-sheet edits not yet attached to a version. | | Comments | *"List the open comments on Forecast.xlsx."* | `get_file_comments` returns threads with author, cell anchor, replies, resolution state. | | Review requests | *"Are there any reviews waiting on the latest version?"* | `get_reviews` returns requesters, reviewers, statuses. | ### Read-write — what your AI can do **on your behalf** | Capability | What you'll ask | Effect | | --------------------- | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------ | | Create a version | *"Commit the current changes on Budget.xlsx as a minor version."* | `create_version` saves uncommitted changes as a new semver version (major/minor/patch). | | Discard changes | *"Discard the uncommitted changes on Forecast.xlsx — they were exploratory."* | `discard_changes` reverts to the latest committed version. Changes are preserved in history for audit. | | Add a comment | *"Drop a comment on B10 saying 'check this projection'."* | `add_comment` posts the comment as **you**; appears in the app + emails like a normal comment. | | Reply in a thread | *"Reply to Sarah's question about cell C7."* | `reply_to_comment` posts a threaded reply. | | Resolve a comment | *"Mark the comment about labels as resolved."* | `resolve_comment` closes the thread (only your own comments). | | Open a review request | *"Ask Sarah and Joe to review v1.4 of Forecast."* | `create_review_request` sends review-invite emails to the assignees. | | Approve a review | *"Approve the review they sent me."* | `approve_review` records your approval (only on reviews assigned to you). | | Cancel a review | *"Cancel the pending review on v1.3 — we're going to rework the assumptions."* | `cancel_review` cancels a pending review request (only the requester can cancel). | | Rename a file | *"Rename 'New Folder Copy 3.xlsx' to 'Q2 Forecast — Final'."* | `update_file_description` updates the display name. | ### Pre-built workflows The AI can also invoke four pre-built "prompts" that bundle several tools into a single workflow: | Prompt | What it does | | ---------------------------- | --------------------------------------------------------------------------------------------------------------------- | | **File overview** | Pulls versions, comments, reviews, and pending changes for one file, then asks the AI to write a status report. | | **Summarize recent changes** | Surfaces the last five versions and twenty unattributed edits, then summarizes what changed and who made the changes. | | **Pending reviews** | Lists every reviewer status on the latest version and asks the AI to flag what needs attention. | | **Unresolved comments** | Filters to open comment threads only and asks the AI to prioritize follow-ups. | These show up as "/" commands in clients that support MCP prompts (like Claude Desktop and Claude Code). ## What your AI **cannot** do This list is intentional — Rockhopper deliberately does **not** expose anything below today, and most of it never will. | Not supported | Why | | ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | | Edit a cell value in your spreadsheet | Editing live data from an AI surface is a different risk tier; would require a two-step user-confirmation flow. Use Excel/Google Sheets directly. | | Enroll a new file or remove an existing one | Enrollment requires a Microsoft/Google OAuth handshake your AI client doesn't have access to. Enroll from the Rockhopper app. | | See files outside your workspace permissions | The MCP server uses **your** identity. If you can't see a file in Rockhopper, your AI can't either. Period. | | Bypass review requirements | Approvals only work on reviews assigned to you; same gate as the web app. | | Run arbitrary database queries | The MCP server has no direct database, S3, or Microsoft Graph access — only the Rockhopper REST API. | | See another user's PAT or session | PATs are user-scoped, hashed, and never returned after creation. | | Read your password / personal info | The API never exposes credentials, billing details, or PII beyond what's already visible in the workspace UI. | | Send email outside what comments and reviews already trigger | The AI can post a comment that triggers a notification email — same email rules as if you typed it yourself. | | Make Rockhopper send Slack/Teams messages | We don't expose chat-platform writes. | ## How permissions work — three layers of protection 1. **You hold the keys.** Your AI authenticates with a Personal Access Token (PAT) you create in **Avatar → Access Tokens**. Tokens have a name, scope (`read-only` or `read-write`), and expiry. You can revoke them instantly from the same page. 2. **Permissions follow your account.** A PAT inherits your permissions exactly. If you lose access to a workspace, your PAT loses access at the same time. Reviewer-only tools require you to be an assigned reviewer; "resolve comment" requires you to be the comment's author. Same rules as the web app. 3. **Read-only is read-only.** A PAT scoped `read-only` cannot post comments, open reviews, or rename files — even if the AI is asked to. The check happens server-side, not in your client. For web-based AI clients (Claude.ai, ChatGPT) you don't paste a PAT — you sign in through Rockhopper's normal SSO and the gateway issues a **short-lived** session token (default 30 minutes) that auto-rotates. You can revoke active sessions from the same Access Tokens page (look for entries prefixed `gateway:`). ## Audit trail Everything your AI does is logged the same way as actions in the web app: * **Comments** posted by an AI show up under your name in every comment thread, in every email digest, and in the activity feed. * **Reviews** opened by an AI show your name as the requester. * **API calls** are recorded server-side with tool name, user id, latency, and outcome — viewable by your administrator. * **Request and response bodies are never persisted.** We log metadata, not content. If you're not sure whether an AI assistant did something, ask your admin to pull the API audit log for your user — every tool invocation is there. ## Recommended starter workflows Once you're connected, try one of these to get a feel for the integration: 1. **Daily catch-up.** *"Using Rockhopper, give me a one-paragraph summary of what changed across all my files in the last 24 hours."* 2. **Review triage.** *"Are there any review requests assigned to me? Group by urgency."* 3. **Comment cleanup.** *"List unresolved comments on my files, sorted by oldest first. For any thread that hasn't had activity in 30 days, suggest a reply or resolution."* 4. **Cell-level forensics.** *"In Q2 Forecast, find any cell whose value changed by more than 10% between v1.0 and v2.0 — and tell me who made each change."* 5. **Review drafting.** *"Draft a review request for v1.4 of Forecast.xlsx, assigning Sarah and Joe, with a description noting that the revenue assumptions in column F have been updated."* The AI client decides which tools to call based on your wording — you don't need to know the tool names. ## Frequently asked questions **Can my AI delete data?** No. There are no delete tools in the MCP surface today. The most destructive actions are `discard_changes` (reverts uncommitted edits — but they're preserved in version history for audit) and `cancel_review` (cancels a pending review). Comment resolution and review approval are also reversible. **Can I undo something the AI did?** Yes — via the Rockhopper app. Posted comments can be deleted by their author; resolved comments can be reopened; review requests can be cancelled. **Does the AI see my data even when I'm not chatting with it?** Only when it actively calls a tool. The MCP server doesn't background-poll; every tool call is in response to a user prompt in your AI client. **Is my data sent to OpenAI / Anthropic?** Whatever the AI fetches via Rockhopper tools is then visible to the AI model that processed your prompt — that's the nature of any chatbot integration. Read your AI client's data policy to understand how they handle that. Rockhopper itself does **not** send data to any LLM provider. **Can I limit my AI to specific files?** Indirectly — by limiting which files your account is enrolled in. There's no per-file PAT scoping today; it's a planned enhancement. **Can my admin disable the integration globally?** Yes — admins can revoke all PATs in the workspace from the Access Tokens admin page, or set the workspace flag that disables PAT creation. ## Next steps * **Set it up.** [Install the MCP server in your AI client →](/it-setup/mcp-server.md) * **Test it manually.** [Try the Postman workspace →](/it-setup/mcp-postman-workspace.md) * **Understand the security posture.** [Read the data governance summary →](/security-and-compliance/data-governance.md) Questions? Email . --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.rockhopper.co/product-guide/ai-assistant.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.