Erik is the founder of Cloud Posse and creator of Atmos. With over a decade of experience helping teams adopt Terraform at scale, he is passionate about open-source infrastructure tooling and developer experience.
Atmos Pro now hosts a Model Context Protocol server at https://atmos-pro.com/mcp. Once installed, your agentic editor — Claude Code, Codex, Cursor, Continue, Cline — can answer questions about your workspace's drift, deployments, workflow runs, audit log, and more, directly. No more bouncing between editor and dashboard to find out what broke.
Here's why this is interesting. Because Atmos Pro keeps the full history of every run, your agent isn't limited to "what's failing right now?" It can answer:
When did this start failing? Walk back through workflow runs to find the first red one.
Is it flapping? Drifted–remediated–drifted patterns over time, not just the current state.
Why did it fail?explain_workflow_failure returns a structured { category, suggestedAction } so your agent routes on intent, not regex over logs.
What's our overall stability? Repo and workspace analytics, deltas vs. previous periods.
That's the loop: triage → root-cause → trend → fix — without leaving your editor.
Read-only tools shipping today. Every resource has a filterable list_<noun> and a single-row get_<noun> — failing instances, pending approvals, running deployments and so on are filter arguments, not separate tools.
Mutations (approve/reject runs, dispatch workflows, comment on PRs) follow once the read-only surface stabilizes — they require a separate consent step in the browser.
No PAT to paste, no API key in your .env, no static credential to rotate. OAuth still issues tokens — that's how OAuth works — but you never see, copy, or manage them. The browser handles the handshake, your OS keychain stores the result, and one click in Settings → MCP Clients revokes any client.
Concretely:
Tokens are short-lived. Access tokens expire in ≤1 hour. Refresh tokens last 30 days and rotate on every use.
Tokens are scoped. You choose the workspace and the permissions at install time, not the client author.
Tokens are revocable. One click in Settings → MCP Clients cascades through the entire rotation chain immediately. The next request from that client returns 401.
Destructive operations are unreachable. Workspace deletion, billing changes, webhook configuration, and repository deletion are blocked at the actor-type guard, regardless of any scope claim.
The standard underneath is OAuth 2.1 with Dynamic Client Registration (RFC 7591) and PKCE (RFC 7636) — the same one Linear, Sentry, Notion, and Cloudflare use for their hosted MCPs.
Every tool call is audited.actor_type=mcp_client, the client name, the tool, and (redacted) arguments are recorded — you can see exactly what your agent has been doing.
