M

MCP Server

Connect Claude Code, Claude Desktop, Cursor, and any MCP-compatible client to Cheqpoint in under a minute. The model calls request_human_approval before destructive actions — you approve or decline from your inbox, Slack, or mobile app.

What this gives you

  • request_human_approval — Claude pauses and submits the action to your Cheqpoint inbox. Execution blocks until you approve, decline, or the timeout elapses.
  • get_approval_status — poll any previous request by ID (useful after a timeout or async flow).
  • Every decision is logged in the Cheqpoint audit trail with full context — who approved, what was modified, and when.
  • Works with Claude Code, Claude Desktop, Cursor, Windsurf, and any MCP-compatible client.

No infrastructure to run

The MCP server runs locally via npx — no Docker, no deployment, no ports. Your MCP client spawns it on demand. The only thing you need is a Connection Key from the Cheqpoint dashboard.

Installation

bash
npx -y @cheqpoint/mcp

Claude Code — one-line setup

bash
claude mcp add cheqpoint \
  -e CHEQPOINT_CONNECTION_KEY=cq_live_... \
  -- npx -y @cheqpoint/mcp

Claude Desktop (claude_desktop_config.json)

json
{
  "mcpServers": {
    "cheqpoint": {
      "command": "npx",
      "args": ["-y", "@cheqpoint/mcp"],
      "env": {
        "CHEQPOINT_CONNECTION_KEY": "cq_live_..."
      }
    }
  }
}

Cursor / Windsurf (.cursor/mcp.json or .windsurf/mcp.json)

json
{
  "mcpServers": {
    "cheqpoint": {
      "command": "npx",
      "args": ["-y", "@cheqpoint/mcp"],
      "env": {
        "CHEQPOINT_CONNECTION_KEY": "cq_live_..."
      }
    }
  }
}

Add a system prompt so the model uses it

text
Before writing to a database, sending any email, deleting files, calling external APIs,
or taking any action that cannot be undone, you MUST call request_human_approval
and wait for APPROVED before proceeding.

If the response is REJECTED or TIMED_OUT, inform the user and stop.
If the response is APPROVED with modifiedDetails, use those updated parameters instead.

What the model sends (request_human_approval)

json
{
  "action": "delete_database_records",
  "summary": "Delete 47 inactive user accounts from the users table",
  "details": {
    "table": "users",
    "condition": "last_active < '2025-01-01'",
    "count": 47,
    "preview": ["user_id: 8821", "user_id: 9034", "..."]
  },
  "risk_score": 0.85,
  "justification": "User asked to clean up inactive accounts to reduce storage costs."
}

What gets returned to the model

text
APPROVED — you may proceed with the action.
Approval ID: req_a1b2c3d4. Notes from reviewer: "OK but exclude accounts < 1 year old."

— or —

REJECTED — do not proceed with this action.
Reviewer note: "Too broad — filter by last_active < 2024-01-01 only."
Request ID: req_a1b2c3d4. Inform the user the action was declined.

Optional — configure timeout

json
{
  "mcpServers": {
    "cheqpoint": {
      "command": "npx",
      "args": ["-y", "@cheqpoint/mcp"],
      "env": {
        "CHEQPOINT_CONNECTION_KEY": "cq_live_...",
        "CHEQPOINT_TIMEOUT_MS": "600000"
      }
    }
  }
}

How it works

  1. Your MCP client (Claude Code, Claude Desktop, Cursor) discovers the request_human_approval tool at startup.
  2. When the model wants to take a risky action, it calls the tool with an action type, a plain-English summary, and the full parameters.
  3. Cheqpoint routes the request to your approval inbox. You get notified via web, Slack, email, Teams, Discord, or mobile push.
  4. You review, approve, decline, or modify the parameters (e.g. change an amount or scope). The model receives the decision and modified details.
  5. Every decision is recorded in the audit trail with a full timestamp, reviewer, and context.

Environment variables

CHEQPOINT_CONNECTION_KEYrequired

Your workspace Connection Key — find it under Settings → Connection Keys.

CHEQPOINT_BASE_URL

Override the API base URL. Default: https://app.cheqpoint.co.

CHEQPOINT_TIMEOUT_MS

Max milliseconds to wait for a decision before returning TIMED_OUT. Default: 300000 (5 min).

Tips

  • Add Cheqpoint auto-decision rules for low-risk actions (e.g. read-only DB queries, file reads) so those pass without review. Only destructive or high-value actions reach a human.
  • The model receives modifiedDetails when a reviewer changes parameters — always instruct the model to prefer modified details over its original payload.
  • Set CHEQPOINT_TIMEOUT_MS to at least 600000 (10 min) for long-running Claude Code sessions where you may step away from your desk.
  • Get your Connection Key at Settings → Connection Keys in the dashboard. Never commit it to your repo — use your MCP client's env config instead.

Find your Connection Key at Settings → Connection Keys in the Cheqpoint dashboard.