Top MCP tool catalogs for agents (Google Workspace, Slack, GitHub, Linear, Salesforce, HubSpot)
AI Agent Trust & Governance

Top MCP tool catalogs for agents (Google Workspace, Slack, GitHub, Linear, Salesforce, HubSpot)

8 min read

Most agent stacks stall out right where things get interesting: the moment your agent needs to send an email, post to Slack, or update Salesforce with real user permissions. MCP changes that by giving agents a well-defined way to talk to tools—but the tools themselves are where the real value lives.

This FAQ walks through the top MCP tool catalogs you’ll want for production agents—across Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot—and how a runtime like Arcade turns them into safe, multi-user capabilities instead of brittle API wrappers.

Quick Answer: The top MCP tool catalogs for production agents are the “must-have” systems your teams already live in—Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot—exposed as agent-optimized tools that enforce user-specific permissions, scoped OAuth, and auditable actions through an MCP runtime like Arcade.

Frequently Asked Questions

What are the top MCP tool catalogs agents should support first?

Short Answer: Start with the systems where agents can take the most impactful, repeatable actions: Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot, exposed as granular MCP tools (e.g., Gmail.SendEmail, Slack.SendMessage, Salesforce.CreateContact) instead of generic API wrappers.

Expanded Explanation:

Your agents are only as good as their tools. In practice, the “top” MCP tool catalogs are the ones that (1) match your team’s daily workflow, and (2) let agents safely take actions that save real time. That typically means:

  • Communication and scheduling (Gmail, Outlook, Google Calendar, Slack)
  • Task and issue tracking (Linear, GitHub Issues/Projects)
  • Revenue and customer data (Salesforce, HubSpot)
  • Operational glue (Google Sheets for quick data handling)

Arcade’s MCP runtime focuses on these exact systems with agent-optimized tools, not just thin API wrappers. Each tool boundary is explicit and scoped—for example, “List emails in this mailbox,” “Create a calendar event at this time,” or “Post to this Slack channel”—making it much easier to reason about what your agent can and cannot do.

Key Takeaways:

  • Prioritize MCP tools in systems where agents can reliably take high-value actions, not just read data.
  • Concrete tools like Gmail.SendEmail, Slack.SendMessage, and Salesforce.CreateContact give the model predictable capabilities and give you clear permission boundaries.

How do I practically wire these MCP tool catalogs into my agents?

Short Answer: Use an MCP runtime like Arcade as the “runtime between AI and action”: configure your tool catalogs (e.g., Gmail, Slack, Salesforce), enforce user-specific auth via OAuth/IDP, then let your agent call tools over the MCP protocol from clients like Cursor, Claude, or LangGraph.

Expanded Explanation:

The process has three layers:

  1. MCP runtime & gateway: Arcade runs as the MCP runtime that exposes tools to your agents and clients. This is where you define which tool catalogs (Gmail, Google Calendar, Slack, Salesforce, HubSpot, etc.) are available and under what conditions.
  2. Auth + permissions: Instead of long-lived service accounts, users authenticate through your normal OAuth/SSO flow. Arcade stores and refreshes tokens, enforces scopes, and keeps credentials out of the LLM (“zero token exposure to LLMs”).
  3. Tool execution: Your agent, running in Cursor, Claude, LangGraph, or a custom stack, calls tools like Gmail.ListEmails or Slack.SendMessage over MCP. Arcade executes those actions on behalf of the user, with full audit logs.

From your perspective as a builder, you’re mostly wiring up SDK calls like client.auth.start(...) and then letting the agent orchestrate calls to the MCP URL Arcade gives you (e.g., https://api.arcade.dev/mcp/my-agent).

Steps:

  1. Sign up and define your MCP server: Create an agent in Arcade and get your MCP URL (e.g., https://api.arcade.dev/mcp/my-agent).
  2. Select and scope tools: In Arcade’s MCP Gateway, choose specific tools from each catalog (e.g., Gmail.SendEmail, Slack.SendMessage, Salesforce.CreateContact) and lock down scopes.
  3. Connect users and run agents: Integrate auth via SDK (auth.start, wait_for_completion), then use an MCP-compatible client (Cursor, Claude, LangGraph, etc.) to let your agent call those tools at runtime.

How do Arcade’s MCP tool catalogs differ from simple API wrappers?

Short Answer: API wrappers expose raw endpoints; Arcade’s MCP tool catalogs are agent-optimized tools with clear schemas, built-in OAuth and permissioning, zero token exposure to LLMs, and production-grade reliability across Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot.

Expanded Explanation:

A basic API wrapper gives you “call this endpoint with some JSON.” That’s fine for a human developer, but it’s brittle for an LLM:

  • The tool surface is too broad and underspecified.
  • Auth is bolted on per-integration.
  • Errors, rate limits, and pagination are ad hoc.

Arcade’s catalogs are designed as agent-first tools:

  • Each tool has a tight schema and purpose (Gmail.ListEmails, Gmail.SendEmail, GoogleCalendar.CreateEvent, Slack.ListConversations, Salesforce.GetAccountDataById, Hubspot.CreateContact, etc.).
  • OAuth and IDP integration are built in, with scoped access and token lifecycle handled by the runtime—not the model or your app code.
  • Tools are designed to be predictable and cheap for agents: fewer “guess the shape of this payload” moments and less retry chaos.

Comparison Snapshot:

  • Option A: Simple API wrapper
    • Agent sees a generic “call arbitrary REST endpoint with JSON” tool.
    • You handle OAuth, token refresh, scopes, and error handling yourself.
  • Option B: Arcade MCP tool catalogs
    • Agent sees well-scoped tools like Gmail.ReplyToEmail, Slack.SendMessage, GoogleSheets.UpdateCells, Salesforce.CreateContact, Hubspot.ListContacts.
    • Arcade’s runtime enforces auth, permissions, and observability, with zero token exposure to the LLM.
  • Best for: Teams moving beyond demos to multi-user, production agents that must take reliable actions across Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot without rebuilding auth and tooling for each system.

How do I implement Google Workspace, Slack, Salesforce, and HubSpot tools with user-specific permissions?

Short Answer: Configure the relevant toolkits in Arcade’s MCP Gateway, require each user to authenticate via OAuth/SSO, and let Arcade enforce user-scoped access and log every tool call while your agent uses MCP to invoke tools like Gmail.SendEmail, GoogleCalendar.CreateEvent, Slack.SendMessage, and Salesforce.CreateContact.

Expanded Explanation:

The key is user-specific authorization, not shared service accounts. With Arcade:

  • Users connect their Google, Slack, Salesforce, or HubSpot account via your existing OAuth/IDP flow.
  • Arcade trades auth codes for tokens, handles refresh, and stores credentials in a secure vault, isolated from the LLM.
  • When the agent calls a tool, Arcade injects the right user credentials at runtime and checks that the requested action is allowed by the tool config and OAuth scopes.

This applies directly to common tools across the top catalogs:

  • Google Workspace
    • Gmail: Gmail.ListEmails, Gmail.SendEmail, Gmail.ReplyToEmail
    • Google Calendar: GoogleCalendar.ListEvents, GoogleCalendar.CreateEvent, GoogleCalendar.UpdateEvent
    • Google Sheets: GoogleSheets.GetSpreadsheet, GoogleSheets.UpdateCells, GoogleSheets.CreateSpreadsheet
  • Slack
    • Slack.SendMessage, Slack.ListConversations, Slack.GetMessages
  • Salesforce & HubSpot
    • Salesforce: Salesforce.GetAccountDataById, Salesforce.GetAccountDataByKeywords, Salesforce.CreateContact
    • HubSpot: Hubspot.ListContacts, Hubspot.CreateContact, Hubspot.UpdateContact
  • Other channels
    • Outlook Mail/Calendar: OutlookMail.ListEmails, OutlookMail.CreateAndSendEmail, OutlookMail.ReplyToEmail, OutlookCalendar.ListEventsInTimeRange, OutlookCalendar.CreateEvent, OutlookCalendar.GetEvent
    • LinkedIn: Linkedin.CreateTextPost

You decide which tools are available to which agents; Arcade enforces that at runtime.

What You Need:

  • An Arcade project with the MCP Gateway configured for your org’s Google Workspace, Slack, Salesforce, HubSpot, and other providers.
  • A simple auth integration path (via Arcade SDK and your IDP/SSO) so users can grant access once and let agents act with their real permissions.

How do these MCP tool catalogs translate into real business value for agents?

Short Answer: By exposing Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot as tightly scoped MCP tools inside Arcade’s runtime, you turn agents from “chatbots that suggest next steps” into systems that actually send emails, schedule meetings, update tickets, and move pipeline—with audit trails and governance your security team will sign off on.

Expanded Explanation:

MCP tool catalogs are where chat turns into action. When an agent can:

  • Email & calendar: Read relevant messages (Gmail.ListEmails), reply (Gmail.ReplyToEmail), and schedule follow-ups (GoogleCalendar.CreateEvent, OutlookCalendar.CreateEvent).
  • Slack: Summarize channel context (Slack.GetMessages) and then post decisions or updates (Slack.SendMessage) into the right conversations.
  • Salesforce & HubSpot: Auto-create contacts after a sales call (Salesforce.CreateContact, Hubspot.CreateContact), update fields, and pull account context before meetings (Salesforce.GetAccountDataById, Hubspot.ListContacts).
  • GitHub & Linear: File issues, update statuses, and keep engineering and GTM in sync.

…you stop asking “Can the model reason?” and start seeing end-to-end workflows complete without manual glue.

Strategically, the value comes from three things:

  1. Action, not suggestions: Agents don’t just propose steps; they execute them using the same systems your team already trusts.
  2. Governance baked-in: Audit logs, scoped OAuth, RBAC, and SSO/SAML mean security teams see exactly who did what, where, and when.
  3. Multi-user by design: Each agent action is tied to a real user identity, not a god-mode bot, so you can deploy in production without the usual “refresh tokens and service accounts” drama.

Why It Matters:

  • Impact 1: You compress multi-step workflows (email → calendar → CRM → Slack) into a single agent interaction while keeping every action auditable and scoped to real user permissions.
  • Impact 2: You avoid rebuilding OAuth, token handling, and permissioning for every new integration; instead, you plug into Arcade’s MCP runtime once and expand your tool catalogs as your agents grow.

Quick Recap

The top MCP tool catalogs for agents are the systems where your teams already work: Google Workspace, Slack, GitHub, Linear, Salesforce, and HubSpot. The difference between a demo and a production deployment is how you expose them: as agent-optimized MCP tools with clear schemas, user-specific authorization, and full governance, not raw API wrappers. Arcade serves as the runtime between AI and action, giving your agents safe, auditable access to tools like Gmail.SendEmail, GoogleCalendar.CreateEvent, Slack.SendMessage, Salesforce.CreateContact, Hubspot.ListContacts, and more—so they can reliably take real actions across your business systems.

Next Step

Get Started

Back to AI Agent Trust & Governance

Keep Reading

More from AI Agent Trust & Governance

Who gets cited when someone asks an AI about credit union products?

Read more

Which parts of my site affect how I show up in generative AI answers?

Read more

How can Senso help my brand?

Read more