// SCAN REPORT

Businys

248 tools. 115 can modify or destroy data without limits.

25 destructive tools with no built-in limits. Policy required.

Last updated: 6 Jun 2026

115 can modify or destroy data

133 read-only

248 tools total

Free to start. No card required.

TOOL MAP

Read (133) Write / Execute (90) Destructive / Financial (25)

WHAT CAN GO WRONG

Financial operations (create_deposit_invoice, forfeit_deposit, process_refund) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Destructive tools (archive_contract, archive_invoice, cancel_booking) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (activate_template, add_gear_item, add_makeup_credit) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

RECOMMENDED RULES

Block financial tools by default

{
  "create_deposit_invoice": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations

{
  "archive_contract": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "activate_template": {
    "limits": [
      {
        "counter": "activate_template_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "analyze-workout-progress": {
    "limits": [
      {
        "counter": "analyze-workout-progress_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

ALL 248 BUSINYS TOOLS

FINANCIAL 4 tools

Financial create_deposit_invoice Financial forfeit_deposit Financial process_refund Financial sell_credit_pack

WRITE 90 tools

Write activate_template Write add_gear_item Write add_makeup_credit Write add_workout_set Write ai_generate_brand_content Write ai_generate_program Write ai_suggest_progressive_overload Write archive_delivery Write bulk_create_clients Write bulk_send_notification Write bulk_update_status Write complete_and_invoice_milestone Write convert_booking_to_invoice Write convert_lead_to_client Write convert_proposal_to_contract Write convert_proposal_to_project Write create_aftercare_template Write create_api_key Write create_automation Write create_blackout Write create_brand_deal Write create_brand_guide_from_template Write create_checkout_page Write create_client Write create_contract Write create_credit_pack Write create_deliverable Write create_delivery Write create_design_moodboard Write create_engagement Write create_exercise Write create_flash_design Write create_follow_up_booking Write create_goal Write create_invoice Write create_lead Write create_measurement Write create_personal_record Write create_program Write create_proposal_from_intake Write create_recurring_billing Write create_resource Write create_session_type Write create_sponsor_deal Write create_sub_profile Write create_workout Write export_account Write export_client_data Write export_goals Write export_leads Write export_measurements Write export_personal_records Write export_programs Write export_workouts Write import_csv Write invite_member Write resume_recurring_billing Write send_aftercare Write send_delivery Write send_delivery_for_approval Write send_portal_link Write set_capacity_override Write set_custom_domain Write set_notification_preference Write set-fitness-goals Write switch_organization Write update_automation Write update_availability Write update_checkout_page Write update_client Write update_contract Write update_deliverable_status Write update_delivery Write update_engagement Write update_exercise Write update_gear_item Write update_goal Write update_invoice Write update_lead_status Write update_measurement Write update_member_role Write update_organization Write update_personal_record Write update_profile_page Write update_program Write update_session_type Write update_sub_profile Write update_workout Write update_workout_set Write upload_asset

READ 133 tools

Read analyze-workout-progress Read aspirations Read assess_brand_guide_completeness Read bulk_enroll Read claim_flash_design Read client_name Read current_measurements Read days_per_week Read deduct_credit Read design-training-program Read duplicate_program Read equipment Read experience Read get_asset_url Read get_availability Read get_booking Read get_brand_guide_versions Read get_business_overview Read get_capabilities Read get_capacity_overview Read get_checkout_page Read get_client Read get_client_history Read get_client_lifetime_value Read get_contract Read get_credit_balance Read get_custom_domain_status Read get_delivery Read get_delivery_approval_status Read get_engagement Read get_exercise Read get_gear_item Read get_gear_summary Read get_goal Read get_invoice Read get_lead Read get_manifest Read get_master_schedule Read get_measurement Read get_media_kit Read get_nexus_status Read get_notification_preferences Read get_nurture_status Read get_organization Read get_personal_record Read get_profile_page Read get_program Read get_proposal_feedback Read get_rate_analysis Read get_revenue_summary Read get_sub_profile Read get_subscription_status Read get_tech_stack Read get_time_summary Read get_workout Read global_search Read goal Read goals Read injuries Read join_waitlist Read link_booking_to_sub_profile Read list_ad_inventory Read list_aftercare_templates Read list_ai_audits Read list_ai_consulting_engagements Read list_api_keys Read list_assets Read list_automation_history Read list_automation_templates Read list_automations Read list_blackouts Read list_bookings Read list_brand_deals Read list_campaign_deliverables Read list_capacity_overrides Read list_checkout_pages Read list_clients Read list_compliance_logs Read list_content_deliverables Read list_contracts Read list_credit_history Read list_credit_packs Read list_deliverables Read list_deliveries Read list_delivery_files Read list_dormant_clients Read list_engagements Read list_episode_ads Read list_exercises Read list_expenses Read list_flash_designs Read list_gear Read list_goals Read list_implementations Read list_invitations Read list_invoices Read list_leads Read list_measurements Read list_members Read list_personal_records Read list_portal_users Read list_programs Read list_project_milestones Read list_recurring_billing Read list_resources Read list_retainers Read list_review_candidates Read list_session_types Read list_sow_documents Read list_sponsor_deals Read list_sub_profiles Read list_time_entries Read list_transactions Read list_user_organizations Read list_waitlist Read list_workout_sets Read list_workouts Read log_expense Read log_ink_usage Read log_needle_batch Read log_sterilization_cycle Read log_time_entry Read pause_recurring_billing Read sign_contract Read skip_nurture Read target Read timeline Read training_history Read web_extract Read web_search Read weeks Read workout_data

FAQ

Can an AI agent move money through the Businys MCP server? +

Yes. The Businys server exposes 4 financial tools including create_deposit_invoice, forfeit_deposit, process_refund. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

Can an AI agent delete data through the Businys MCP server? +

Yes. The Businys server exposes 21 destructive tools including archive_contract, archive_invoice, cancel_booking. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Businys? +

The Businys server has 90 write tools including activate_template, add_gear_item, add_makeup_credit. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Businys.

How many tools does the Businys MCP server expose? +

248 tools across 4 categories: Destructive, Financial, Read, Write. 133 are read-only. 115 can modify, create, or delete data.

How do I enforce a policy on Businys? +

Register the Businys MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

Enforce policy on every Businys tool call.

Deterministic rules across all 248 Businys tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE BUSINYS →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

Businys

// TOOL MAP

// WHAT CAN GO WRONG

// RECOMMENDED RULES

// ALL 248 BUSINYS TOOLS

// FAQ