kubbiai

MCP

Give your agents secure handoffs with a single MCP tool

kubbi is an MCP-compatible tool server. Install it once and every agent in your stack can send single payloads or multi-file packages, claim, inspect, and manage temporary encrypted handoffs — no SDK wiring required.

Get started free

Six tools, complete handoff control

Every tool your agents need to send single payloads or multi-file packages, retrieve, preview, and manage temporary encrypted handoffs.

kubbi_send
Create a kubbi — an ephemeral, encrypted payload with a unique claim URL. Share the claim URL with any consumer (agent, service, human) who can retrieve the content with no API key.

Parameters

contentcontentTypettlSecondsmaxRetrievalsmetadata

Returns

claim URL + kubbi ID

kubbi_send_files
Create a multi-file kubbi package — multiple files encrypted together with a single claim URL. File count and size limits depend on your plan. For text files, pass content as a string. For binary files, base64-encode the content and set encoding to ‘base64’.

Parameters

filesttlSecondsmaxRetrievalsmetadata

Returns

claim URL + kubbi ID + file count

kubbi_claim
Claim a kubbi and retrieve its decrypted content. This counts as a retrieval — if max retrievals is reached, the content is permanently destroyed afterward. Works for both single-content and multi-file kubbis.

Parameters

claimUrl

Returns

decrypted content (or all files for packages)

kubbi_inspect
Inspect a kubbi without consuming it. Returns metadata (status, content type, retrieval count, expiry). For multi-file kubbis, also shows the file manifest. Does not count as a retrieval — safe to call repeatedly.

Parameters

claimUrl

Returns

metadata (status, content type, retrieval count, expiry, file manifest for packages)

kubbi_get
Get detailed metadata for a kubbi you created (by ID). Shows status, retrieval count, timestamps, and whether it has been claimed.

Parameters

id

Returns

full kubbi detail JSON

kubbi_delete
Delete (burn) a kubbi you created. Immediately wipes the encrypted payload. Any subsequent claim attempts will receive 410 Gone.

Parameters

id

Returns

confirmation

Install and configure

Add kubbi to your MCP client in one step. Paste the config below and replace the API key with your own.

Claude Desktop

claude_desktop_config.json

json
{
  "mcpServers": {
    "kubbi": {
      "command": "npx",
      "args": ["-y", "@kubbi.ai/mcp"],
      "env": {
        "KUBBI_API_KEY": "kb_..."
      }
    }
  }
}

Cursor

.cursor/mcp.json

json
{
  "mcpServers": {
    "kubbi": {
      "command": "npx",
      "args": ["-y", "@kubbi.ai/mcp"],
      "env": {
        "KUBBI_API_KEY": "kb_..."
      }
    }
  }
}

Get your API key from the dashboard. The server runs via npx — no global install needed.

Talk to your agent like normal

Once kubbi is connected, your agent discovers the tools automatically. Just describe what you need in plain language.

1

Create a kubbi with this analysis result and send me the claim URL.

2

Bundle these three files into a package kubbi and give me the claim link.

3

Claim the payload at this URL and summarize what’s inside.

4

Store this API response as a kubbi with max_retrievals: 1 and a 1-hour TTL.

5

Inspect the kubbi at this claim URL before I claim it.

6

Delete the kubbi I just created — I changed my mind.

Security

Why secure handoffs matter for MCP

Without kubbi, agents inline sensitive payloads directly into tool outputs, prompts, and orchestrator state. That data gets logged, cached, and replayed across every hop in the workflow.

With kubbi, the agent stores the payload once and passes only a claim URL. The next agent or human claims it on their own schedule. The payload is encrypted, time-limited, and can self-destruct after a single read.

The result: sensitive data stops traveling through your entire tool chain. Only the link moves.

Built-in protections

Encrypted at rest

AES-256-GCM encryption before the payload touches storage.

TTL expiry

Every kubbi self-destructs on schedule — no stale data, no cleanup.

Burn after read

One claim, one read, gone. Ideal for secrets and one-time handoffs.

Inspect before claim

Preview metadata without consuming the payload so the agent knows what it’s getting.

Try kubbi on your next workflow

Create a temporary handoff, pass one claim URL, and let the next agent or human pick it up when ready.

Get Started Free