Deploy in 60 seconds. Hardened by a 38-pattern safety engine. Your data never leaves Google.
Other MCPs give your AI a spoon.
We give it the entire API.
A Vercel Edge proxy sits between your AI and your spreadsheet — authenticating every request, enforcing permission tiers, and executing code inside your own Google account.
Subscribe via LemonSqueezy. Receive your Marketplace install link instantly.
Install PathFinder from Google Workspace Marketplace. One click.
Create an Apps Script project with the 3-line wrapper + library ref. Deploy as web app.
Open the PathFinder sidebar in your spreadsheet. Choose a tier. Activate your endpoint.
Paste the URL and token into your AI tool's MCP config. Done.
Other Sheets MCPs are wrappers with a hardcoded list of moves. PathFinder is an execution engine — your AI writes real Apps Script and runs it.
No predefined tool limits. Your AI writes the Apps Script. PathFinder validates and runs it. If Sheets can do it, your AI can do it.
| Prompt to your AI | What PathFinder executes |
|---|---|
| "Summarize this spreadsheet" | Reads structure, formulas, and cross-sheet relationships. Returns a plain-English overview. |
| "Find broken formula references" | Scans every formula for #REF! errors, dead ranges, and circular dependencies. |
| "Map how these sheets depend on each other" | Builds a full dependency graph including cross-sheet and IMPORTRANGE references. |
| "Highlight all rows where sales > 1000" | Writes and executes Apps Script to apply conditional formatting across the range. |
| "Add a column calculating 10% commission" | Inserts the correct formula down the entire range, handling edge cases automatically. |
| "Email me a daily summary of new orders" | Installs a time-based automation with Gmail integration. Runs on schedule, no prompting. |
| "Undo what you just did" | Reverts the last write operation from the undo buffer. Stores the last 5 operations. |
| "What breaks if I delete column B?" | Traverses the dependency tree and returns an impact report before anything changes. |
Structured MCP tools your AI can call directly — from dependency analysis to full script execution and automation management.
| Tool | Type | Description |
|---|---|---|
| scan_dependencies | read | Full dependency map including cross-sheet and IMPORTRANGE references. |
| get_sheet_structure | read | Sheet names, formula layout, and cross-sheet relationships. |
| get_formula_analysis | read | Deep formula breakdown per sheet — types, ranges, and complexity. |
| get_broken_refs | read | Find broken, dead, or circular formula references across the workbook. |
| get_sheet_summary | read | Plain-English overview of spreadsheet purpose, structure, and key data. |
| execute_code | write | Validate and run Apps Script via the full execution engine. |
| install_automation | write | Store code and create a persistent time-based trigger. |
| delete_automation | write | Remove an installed automation and its associated trigger. |
| list_automations | read | View all installed automations with current status and schedule. |
Tiers are encoded in your MCP token and enforced server-side on every request. Generate different tokens per project or collaborator.
| Tier | Description | Read | Write | Automate | |
|---|---|---|---|---|---|
| Read Only | Scan, analyze, read formulas. Nothing modified. | ✓ | — | — | — |
| Read + Write | Edit cells, formulas, formatting, insert/delete rows. | ✓ | ✓ | — | — |
| R+W + Email | Everything above, plus send emails via Gmail. | ✓ | ✓ | ✓ | — |
| Full Access | Everything above, plus URL fetching and time-based automations. | ✓ | ✓ | ✓ | ✓ |
From AI guidance to server enforcement to runtime validation — PathFinder applies safety checks at every point in the execution chain.
Tool descriptions guide the AI toward safe operations before any code is written. Safe by design, not just by policy.
38-pattern blocklist. Pre-processing strips Unicode/URL encoding, comment obfuscation, and whitespace normalization. Bracket notation bypass detection.
Permission tiers enforced per token. 60 exec/hr, 10 writes/min, 2 emails/min. Your token cannot exceed its configured tier — ever.
Rate limits prevent runaway executions and protect your Google account without getting in the way of normal use.
| Operation | Rate | Daily Limit | Notes |
|---|---|---|---|
| execute_code | 60 / hr | 500 / day | Enforced by proxy |
| write operations | 10 / min | — | All cell and formula writes |
| email sends | 2 / min | 100 / day | R+W+Email tier and above |
| automation installs | 1 / session | — | Full Access tier only |
No seat limits. No feature gating. Unlimited operations within rate limits.
No credit card required to start.
Everything you need to know about PathFinder.
Most Sheets MCPs expose 5–10 hardcoded tools — get_cell, set_cell, and not much else. PathFinder is an execution engine: your AI writes real Google Apps Script and PathFinder validates and runs it. If Sheets can do it, your AI can do it. No predefined ceiling on operations.
No. The Vercel proxy handles authentication and subscription checks, then forwards the request to your Apps Script deployment — which runs inside your own Google account. Your spreadsheet data never leaves Google's infrastructure. The proxy sees code to execute, not your data.
Your MCP token encodes a permission tier enforced server-side on every request. Even if you ask your AI to exceed its scope, the request is rejected before any code runs. You can generate tokens with different tiers for different projects or collaborators from the PathFinder sidebar.
PathFinder maintains an undo buffer of the last 5 write operations. Tell your AI to undo and it restores the previous state precisely. Every operation is captured in a rolling execution log (100 entries). Dry run mode lets you preview what code would execute before it runs.
Most users are running in under 10 minutes: purchase → install the Marketplace add-on → create the 3-line Apps Script wrapper → deploy as web app → enable MCP in your spreadsheet → paste credentials into your AI tool's MCP config. Full setup guide included with your purchase.
Claude Desktop (streamable-http transport), Cursor, Windsurf, and Cline are supported out of the box. Any MCP-compatible client that supports HTTP transport will work — PathFinder uses the standard MCP protocol.