Using Rockhopper with an AI Assistant

Rockhopper exposes your spreadsheet workspace to AI assistants like Cursor, Claude Desktop, Claude Code, VS Code, Claude.ai, and ChatGPT through the Model Context Protocol (MCP). Once connected, the AI can read your enrolled files, summarize changes, surface review requests, and (with your explicit permission) post comments or open reviews on your behalf.

This page is a plain-language tour of what your AI can do, what it can't do, and how it stays inside your permissions. For technical setup instructions, see MCP Server (AI Integration). For testing the integration with a UI, see Postman Workspace.

What your AI can do

The AI assistant gets sixteen "tools" it can choose to call on your behalf, plus a small set of pre-built workflows ("prompts") and read-only data sources ("resources"). Each tool is one of two flavors:

Read-only — the AI can look but not touch.
Read-write — the AI can also post comments, open reviews, and rename files.

You decide which flavor your AI gets when you create the Personal Access Token. Start with read-only and only upgrade if you have a workflow that genuinely needs writes.

Read-only — what your AI can see

Capability

What you'll ask

What happens behind the scenes

List your files

"Show me my Rockhopper files."

The AI calls list_files, returns names and types.

Search by name

"Find any file with 'budget' in the name."

search_files filters by substring.

Version history

"What versions exist of Q2 Forecast?"

get_file_versions returns every committed snapshot with author + timestamp.

Cell-level history

"How did B10 in Sheet1 change between v1.4 and v1.7?"

get_cell_history walks the cell across versions and returns old/new values.

Pending changes

"What's been edited in Budget.xlsx that hasn't been committed yet?"

get_unattributed_changes lists live-sheet edits not yet attached to a version.

Comments

"List the open comments on Forecast.xlsx."

get_file_comments returns threads with author, cell anchor, replies, resolution state.

Review requests

"Are there any reviews waiting on the latest version?"

get_reviews returns requesters, reviewers, statuses.

Read-write — what your AI can do on your behalf

Capability

What you'll ask

Effect

Create a version

"Commit the current changes on Budget.xlsx as a minor version."

create_version saves uncommitted changes as a new semver version (major/minor/patch).

Discard changes

"Discard the uncommitted changes on Forecast.xlsx — they were exploratory."

discard_changes reverts to the latest committed version. Changes are preserved in history for audit.

Add a comment

"Drop a comment on B10 saying 'check this projection'."

add_comment posts the comment as you; appears in the app + emails like a normal comment.

Reply in a thread

"Reply to Sarah's question about cell C7."

reply_to_comment posts a threaded reply.

Resolve a comment

"Mark the comment about labels as resolved."

resolve_comment closes the thread (only your own comments).

Open a review request

"Ask Sarah and Joe to review v1.4 of Forecast."

create_review_request sends review-invite emails to the assignees.

Approve a review

"Approve the review they sent me."

approve_review records your approval (only on reviews assigned to you).

Cancel a review

"Cancel the pending review on v1.3 — we're going to rework the assumptions."

cancel_review cancels a pending review request (only the requester can cancel).

Rename a file

"Rename 'New Folder Copy 3.xlsx' to 'Q2 Forecast — Final'."

update_file_description updates the display name.

Pre-built workflows

The AI can also invoke four pre-built "prompts" that bundle several tools into a single workflow:

Prompt

What it does

File overview

Pulls versions, comments, reviews, and pending changes for one file, then asks the AI to write a status report.

Summarize recent changes

Surfaces the last five versions and twenty unattributed edits, then summarizes what changed and who made the changes.

Pending reviews

Lists every reviewer status on the latest version and asks the AI to flag what needs attention.

Unresolved comments

Filters to open comment threads only and asks the AI to prioritize follow-ups.

These show up as "/" commands in clients that support MCP prompts (like Claude Desktop and Claude Code).

What your AI cannot do

This list is intentional — Rockhopper deliberately does not expose anything below today, and most of it never will.

Not supported

Why

Edit a cell value in your spreadsheet

Editing live data from an AI surface is a different risk tier; would require a two-step user-confirmation flow. Use Excel/Google Sheets directly.

Enroll a new file or remove an existing one

Enrollment requires a Microsoft/Google OAuth handshake your AI client doesn't have access to. Enroll from the Rockhopper app.

See files outside your workspace permissions

The MCP server uses your identity. If you can't see a file in Rockhopper, your AI can't either. Period.

Bypass review requirements

Approvals only work on reviews assigned to you; same gate as the web app.

Run arbitrary database queries

The MCP server has no direct database, S3, or Microsoft Graph access — only the Rockhopper REST API.

See another user's PAT or session

PATs are user-scoped, hashed, and never returned after creation.

Read your password / personal info

The API never exposes credentials, billing details, or PII beyond what's already visible in the workspace UI.

Send email outside what comments and reviews already trigger

The AI can post a comment that triggers a notification email — same email rules as if you typed it yourself.

Make Rockhopper send Slack/Teams messages

We don't expose chat-platform writes.

How permissions work — three layers of protection

You hold the keys. Your AI authenticates with a Personal Access Token (PAT) you create in Avatar → Access Tokens. Tokens have a name, scope (read-only or read-write), and expiry. You can revoke them instantly from the same page.
Permissions follow your account. A PAT inherits your permissions exactly. If you lose access to a workspace, your PAT loses access at the same time. Reviewer-only tools require you to be an assigned reviewer; "resolve comment" requires you to be the comment's author. Same rules as the web app.
Read-only is read-only. A PAT scoped read-only cannot post comments, open reviews, or rename files — even if the AI is asked to. The check happens server-side, not in your client.

For web-based AI clients (Claude.ai, ChatGPT) you don't paste a PAT — you sign in through Rockhopper's normal SSO and the gateway issues a short-lived session token (default 30 minutes) that auto-rotates. You can revoke active sessions from the same Access Tokens page (look for entries prefixed gateway:).

Audit trail

Everything your AI does is logged the same way as actions in the web app:

Comments posted by an AI show up under your name in every comment thread, in every email digest, and in the activity feed.
Reviews opened by an AI show your name as the requester.
API calls are recorded server-side with tool name, user id, latency, and outcome — viewable by your administrator.
Request and response bodies are never persisted. We log metadata, not content.

If you're not sure whether an AI assistant did something, ask your admin to pull the API audit log for your user — every tool invocation is there.

Recommended starter workflows

Once you're connected, try one of these to get a feel for the integration:

Daily catch-up. "Using Rockhopper, give me a one-paragraph summary of what changed across all my files in the last 24 hours."
Review triage. "Are there any review requests assigned to me? Group by urgency."
Comment cleanup. "List unresolved comments on my files, sorted by oldest first. For any thread that hasn't had activity in 30 days, suggest a reply or resolution."
Cell-level forensics. "In Q2 Forecast, find any cell whose value changed by more than 10% between v1.0 and v2.0 — and tell me who made each change."
Review drafting. "Draft a review request for v1.4 of Forecast.xlsx, assigning Sarah and Joe, with a description noting that the revenue assumptions in column F have been updated."

The AI client decides which tools to call based on your wording — you don't need to know the tool names.

Frequently asked questions

Can my AI delete data? No. There are no delete tools in the MCP surface today. The most destructive actions are discard_changes (reverts uncommitted edits — but they're preserved in version history for audit) and cancel_review (cancels a pending review). Comment resolution and review approval are also reversible.

Can I undo something the AI did? Yes — via the Rockhopper app. Posted comments can be deleted by their author; resolved comments can be reopened; review requests can be cancelled.

Does the AI see my data even when I'm not chatting with it? Only when it actively calls a tool. The MCP server doesn't background-poll; every tool call is in response to a user prompt in your AI client.

Is my data sent to OpenAI / Anthropic? Whatever the AI fetches via Rockhopper tools is then visible to the AI model that processed your prompt — that's the nature of any chatbot integration. Read your AI client's data policy to understand how they handle that. Rockhopper itself does not send data to any LLM provider.

Can I limit my AI to specific files? Indirectly — by limiting which files your account is enrolled in. There's no per-file PAT scoping today; it's a planned enhancement.

Can my admin disable the integration globally? Yes — admins can revoke all PATs in the workspace from the Access Tokens admin page, or set the workspace flag that disables PAT creation.

Next steps

Set it up. Install the MCP server in your AI client →
Test it manually. Try the Postman workspace →
Understand the security posture. Read the data governance summary →

Questions? Email [email protected].

PreviousProfile & Settings NextOverview

Last updated 1 month ago