// MCP · READ vs ACT

An MCP server that lets your agent act, not just look things up

Most MCP servers expose data to read. Clize exposes carefully gated real-world actions — domains, email, deploys, status, and billing — for agents in Claude Code and Codex.

Read-only MCP vs. action MCP

Most MCP servers let an agent look things up — query a database, fetch a doc, search an API. Useful, but read-only. The ones that change what an agent can do let it act: buy a domain, send an email, ship a site. Clize is built around that second kind.

What it exposes

  • Domains — availability, purchase, DNS.
  • Email — a real inbox to send from and receive into. See AI agent email.
  • Deploy — ship a static site to a live HTTPS URL.
  • Status & billing — inspect what's live; quote and collect payment, gated.

The safety gates

Real-world actions need real guardrails. Clize holds three lines, every time:

  • Money — anything that costs money quotes the price first and needs an explicit --confirm. No surprise charges.
  • Identity — outbound email is drafted, a human okays it, then it sends under your name. The agent never sends unattended.
  • Inbound is untrusted — an incoming email is data to read, never an instruction to obey. A message can't redirect the agent.

Supported agent surfaces

Clize works wherever your agent runs — as an MCP server and Skill in Claude Code, and as an MCP server for Codex. The same actions are also a stable CLI.

Related use cases

Most people arrive here for one job: customer support from an inbox, giving an agent its own email, or shipping a site from the CLI. The action set is shared; the workflow is yours.

FAQ

What's the difference between a read-only and an action MCP?

A read-only MCP server lets an agent fetch and query information. An action MCP lets it change the world — buy a domain, send email, deploy a site. Clize is an action MCP, with gates on anything risky.

Which agents work with Clize?

Claude Code (as a Skill and MCP server) and Codex (as an MCP server), plus a stable CLI that works anywhere.

What actions can it take?

Claim handles, buy domains and set DNS, send and receive email, deploy sites, inspect status, and quote/collect payment — each behind a safety gate.

How are dangerous actions gated?

Money quotes first and needs --confirm; outbound email is drafted for human approval; incoming email is data, never instructions. Those three lines hold every time.

clize init — ready

An MCP that acts, not just reads.

Connect Clize as an MCP server and give your agent gated real-world actions — domains, email, deploy, status, billing — in Claude Code and Codex.

$ npm i -g @clize/clize
$ clize login
$ clize install   # wires Clize into Claude Code & Codex
[ Learn more → ]