Skip to main content

Announcing StackOne Defender: leading open-source prompt injection guard for your agent Read More

Connect

Connectors Agent Auth MCP Connector Builder

Optimize

Tool Discovery Falcon Engine

Secure

Defender
Connectors

HRIS / HCM

Employee Onboarding Employee Offboarding

Recruiting

Application Screening Interview Scheduling

Customer Support

Ticket Triage Voice Call Summarization

Sales & CRM

Deal Risk Scoring Lead Qualification

Accounting & Finance

Invoice Processing Month-End Accruals

Marketing

Campaign Reports Lead Nurture Sequences
View all use cases

Developers

Docs Changelog Status

Learn

Blog Case Studies Events Partners
Pricing
Login Book Demo Start Free

Box MCP Server
for AI Agents

Production-ready Box MCP server with 83 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →
Box logo
Box MCP Server
Built by StackOne StackOne

Coverage

83 Agent Actions

Create, read, update, and delete across Box — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your Box MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every Box tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Box call.

Tools Discovery →

What is the Box MCP Server?

A Box MCP server lets AI agents read and write Box data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Box MCP server ships with 83 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Cursor, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All Box MCP Tools and Actions

Every action from Box's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Files

  • Copy File

    Copy a file to another folder

  • Upload File

    Upload a new file

  • Download File

    Download file content

  • Update File

    Update a file's information

  • Delete File

    Delete a file and move it to trash

File Versions

  • Upload File Version

    Upload a new version of an existing file

  • Get File Version

    Retrieve a specific version of a file

  • List File Versions

    List all versions of a file

  • Delete File Version

    Delete a specific file version

File Collaborations

  • Get File Collaborations

    List collaborations on a file

  • List File Collaborations

    List all collaborations for a file

Folders

  • Create Folder

    Create a new folder

  • Copy Folder

    Copy a folder to another folder

  • Update Folder

    Update a folder's information

  • Delete Folder

    Delete a folder and move it to trash

Folder Collaborations

  • Get Folder Collaborations

    List collaborations on a folder

  • List Folder Collaborations

    List all collaborations for a folder

Users

  • Create User

    Create a new managed user in the enterprise

  • Get User

    Retrieve information about a user

  • Update User

    Update a user's information

  • Delete User

    Delete a user from the enterprise

User Avatars

  • Get User Avatar

    Retrieve a user's avatar image

  • Delete User Avatar

    Delete a user's avatar image

Groups

  • Create Group

    Create a new group

  • List Groups

    List all groups in the enterprise

  • Get Group

    Retrieve information about a group

  • Update Group

    Update a group's information

  • Delete Group

    Delete a group

Group Memberships

  • List Group Memberships

    List members of a group

  • Update Group Membership

    Update a user's membership in a group

Collaborations

  • Create Collaboration

    Add a collaborator to a file or folder

  • Get Collaboration

    Retrieve information about a collaboration

  • Update Collaboration

    Update a collaboration

  • Remove Collaboration

    Remove a collaboration

Comments

  • Create Comment

    Add a comment to a file

  • Get Comment

    Retrieve information about a comment

  • Update Comment

    Update a comment's message

  • Delete Comment

    Remove a comment

Tasks

  • Create Task

    Create a task on a file

  • Get Task

    Retrieve information about a task

  • Update Task

    Update a task

  • Delete Task

    Remove a task

Task Assignments

  • List Task Assignments

    List assignments for a task

  • Get Task Assignment

    Retrieve information about a task assignment

  • Update Task Assignment

    Update a task assignment

  • Delete Task Assignment

    Remove a task assignment

File Metadata Instances

  • Create File Metadata Instance

    Apply a metadata template to a file

  • List File Metadata Instances

    List all metadata instances on a file

  • Get File Metadata Instance

    Retrieve a specific metadata instance on a file

  • Update File Metadata Instance

    Update a metadata instance on a file

  • Delete File Metadata Instance

    Remove a metadata instance from a file

Folder Metadata Instances

  • Create Folder Metadata Instance

    Apply a metadata template to a folder

  • Get Folder Metadata Instance

    Retrieve a specific metadata instance on a folder

  • List Folder Metadata Instances

    List all metadata instances on a folder

  • Update Folder Metadata Instance

    Update a metadata instance on a folder

  • Delete Folder Metadata Instance

    Remove a metadata instance from a folder

Metadata Templates

  • List Metadata Templates

    List all metadata templates

  • Get Metadata Template

    Retrieve a metadata template

Other (25)

  • Add User To Group

    Add a user to a group

  • Create Upload Session

    Create a chunked upload session for large files

  • Get File Information

    Retrieve information about a file

  • Get File Thumbnail

    Retrieve a thumbnail of a file

  • Get File Comments

    List comments on a file

  • Get File Tasks

    List tasks on a file

  • Get Trashed File

    Retrieve information about a file in trash

  • List Folder Items

    List items in a folder

  • Get Folder Information

    Retrieve information about a folder

  • Get Trashed Folder

    Retrieve information about a folder in trash

  • List Trashed Items

    List all items in trash

  • Get Current User

    Retrieve information about the current authenticated user

  • List Enterprise Users

    List all users in the enterprise

  • List Pending Collaborations

    List all pending collaborations for a user

  • List Group Collaborations

    List all collaborations for a group

  • Query By Metadata

    Search files and folders by metadata

  • Get User And Enterprise Events

    List user and enterprise events

  • Remove User From Group

    Remove a user from a group

  • Promote File Version

    Promote a previous file version to be the current version

  • Restore File Version

    Restore a specific file version

  • Restore File From Trash

    Restore a file from trash

  • Permanently Delete File

    Permanently delete a trashed file

  • Restore Folder From Trash

    Restore a folder from trash

  • Permanently Delete Folder

    Permanently delete a trashed folder

  • Assign Task

    Assign a task to a user

Set Up Your Box MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to Box in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Cloud Storage MCP Servers

Dropbox

82+ actions

Google Drive

47+ actions

Microsoft OneDrive

46+ actions

SharePoint

19+ actions

Azure Blob Storage

2+ actions

All Cloud Storage MCP Servers →

Box MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

Box MCP Server FAQ

Box MCP server vs direct API integration — what's the difference?
A Box MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Box. A Box MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Box at runtime. StackOne provides both.
How does Box authentication work for AI agents?
Box authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Box account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are Box MCP tools vulnerable to prompt injection?
Yes — Box MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Box agent and how do I avoid it?
Context bloat happens when Box tool schemas and API responses eat your Box agent's memory, preventing it from reasoning effectively. A single Box query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Box agent can access?
Yes — you can limit which actions your Box agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Box MCP server?
Yes — you can create custom agent actions for your Box MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Box's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Box MCP server?
Skip a Box MCP server if your integration is purely software-to-software — direct Box API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Box actions at runtime.
What AI frameworks and AI clients does the StackOne Box MCP server support?
The StackOne Box MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo