// SCAN REPORT

ThinkNEO Control Plane

68 tools. 14 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated: 6 Jun 2026

14 can modify or destroy data

54 read-only

68 tools total

Free to start. No card required.

TOOL MAP

Read (54) Write / Execute (13) Destructive / Financial (1)

CONTEXT-WINDOW COST

7,148 tokens of tool definitions, loaded on every request

3.6% of a 200k context window

456 heaviest tool: thinkneo_registry_publish

Full per-tool breakdown → Model it in the token calculator →

WHAT CAN GO WRONG

Destructive tools (thinkneo_cancel) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (thinkneo_audit_export, thinkneo_bridge_generate_agent_card, thinkneo_compliance_generate) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (thinkneo_start_trace, thinkneo_subscribe) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

RECOMMENDED RULES

Deny destructive operations

{
  "thinkneo_cancel": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "thinkneo_audit_export": {
    "limits": [
      {
        "counter": "thinkneo_audit_export_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "thinkneo_a2a_audit": {
    "limits": [
      {
        "counter": "thinkneo_a2a_audit_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

ALL 68 THINKNEO CONTROL PLANE TOOLS

DESTRUCTIVE 1 tools

Destructive thinkneo_cancel

EXECUTE 2 tools

Execute thinkneo_start_trace Execute thinkneo_subscribe

WRITE 11 tools

Write thinkneo_audit_export Write thinkneo_bridge_generate_agent_card Write thinkneo_compliance_generate Write thinkneo_manage_secrets Write thinkneo_policy_create Write thinkneo_registry_install Write thinkneo_registry_publish Write thinkneo_schedule_demo Write thinkneo_signup Write thinkneo_sla_define Write thinkneo_write_memory

READ 54 tools

Read thinkneo_a2a_audit Read thinkneo_a2a_flow Read thinkneo_a2a_log Read thinkneo_a2a_policy Read thinkneo_benchmark_compare Read thinkneo_benchmark_report Read thinkneo_billing_status Read thinkneo_bridge_a2a_to_mcp Read thinkneo_bridge_list_mappings Read thinkneo_bridge_mcp_to_a2a Read thinkneo_cache_status Read thinkneo_check Read thinkneo_check_policy Read thinkneo_check_spend Read thinkneo_compare_models Read thinkneo_count_tokens Read thinkneo_detect_injection Read thinkneo_detect_pii_intl Read thinkneo_end_trace Read thinkneo_evaluate_guardrail Read thinkneo_evaluate_trust_score Read thinkneo_get_budget_status Read thinkneo_get_compliance_status Read thinkneo_get_observability_dashboard Read thinkneo_get_savings_report Read thinkneo_get_trace Read thinkneo_get_trust_badge Read thinkneo_list_alerts Read thinkneo_log_event Read thinkneo_optimize_prompt Read thinkneo_outcome_validation Read thinkneo_policy_evaluate Read thinkneo_policy_list Read thinkneo_policy_violations Read thinkneo_provider_status Read thinkneo_read_memory Read thinkneo_registry_get Read thinkneo_registry_review Read thinkneo_registry_search Read thinkneo_rotate_key Read thinkneo_route_model Read thinkneo_simulate_savings Read thinkneo_sla_breaches Read thinkneo_sla_dashboard Read thinkneo_sla_status Read thinkneo_upgrade Read thinkneo_usage Read thinkneo_value_agent_roi Read thinkneo_value_baseline Read thinkneo_value_business_impact Read thinkneo_value_decision_cost Read thinkneo_value_log_decision Read thinkneo_value_log_risk Read thinkneo_value_waste_detector

FAQ

Can an AI agent delete data through the ThinkNEO Control Plane MCP server? +

Yes. The ThinkNEO Control Plane server exposes 1 destructive tools including thinkneo_cancel. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through ThinkNEO Control Plane? +

The ThinkNEO Control Plane server has 11 write tools including thinkneo_audit_export, thinkneo_bridge_generate_agent_card, thinkneo_compliance_generate. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach ThinkNEO Control Plane.

How many tools does the ThinkNEO Control Plane MCP server expose? +

68 tools across 4 categories: Destructive, Execute, Read, Write. 54 are read-only. 14 can modify, create, or delete data.

How do I enforce a policy on ThinkNEO Control Plane? +

Register the ThinkNEO Control Plane MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

Enforce policy on every ThinkNEO Control Plane tool call.

Deterministic rules across all 68 ThinkNEO Control Plane tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE THINKNEO CONTROL PLANE →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

ThinkNEO Control Plane

// TOOL MAP

// CONTEXT-WINDOW COST

// WHAT CAN GO WRONG

// RECOMMENDED RULES

// ALL 68 THINKNEO CONTROL PLANE TOOLS

// FAQ