// SCAN REPORT

Arcane

180 tools. 89 can modify or destroy data without limits.

23 destructive tools with no built-in limits. Policy required.

Last updated:

89 can modify or destroy data
91 read-only
180 tools total

Verified server · catalogue entry verified 12/06/2026 · full schemas captured for 169 of 180 tools

How to control Arcane ↓

TOOL MAP

What Arcane exposes to your agents

Read (91) Write / Execute (64) Destructive / Financial (23)

Running more than one server? Check your whole stack →

CONTEXT-WINDOW COST

What Arcane costs in tokens

17,401 tokens of tool definitions, loaded on every request
8.7% of a 200k context window
325 heaviest tool: arcane_container_create

Full per-tool breakdown → Model it in the token calculator →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous Arcane tools

Destructive · High arcane_apikey_delete Deleting an API key is an irreversible action that immediately revokes access and cannot be undone. Destructive · Critical arcane_container_delete This tool irreversibly deletes Docker containers and can permanently remove associated volumes, making it a destructive operation that cannot be undone. Destructive · High arcane_environment_delete This tool permanently and irreversibly deletes a Docker environment configuration. Destructive · High arcane_event_delete The tool performs an irreversible deletion operation on historical event data.

89 of Arcane's 180 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Arcane

PolicyLayer is an MCP gateway — it sits between your AI agents and Arcane, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "arcane_apikey_delete": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "arcane_build_workspace_upload": {
    "limits": [
      {
        "counter": "arcane_build_workspace_upload_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "arcane_build_get": {
    "limits": [
      {
        "counter": "arcane_build_get_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Arcane — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ARCANE →

Free to start. No card required.

FULL CATALOGUE

All 180 Arcane tools

DESTRUCTIVE 23 tools
Destructive arcane_apikey_delete Delete an API key (revoke access immediately) Destructive arcane_container_delete [HIGH RISK] Delete a Docker container permanently. Use force=true to delete running containers, volumes=true t Destructive arcane_environment_delete [HIGH RISK] Delete a Docker environment from Arcane. This removes the environment configuration but does not a Destructive arcane_event_delete Delete an event from the history Destructive arcane_git_repo_delete Delete a Git repository configuration Destructive arcane_gitops_delete Delete a GitOps sync configuration Destructive arcane_image_delete [HIGH RISK] Remove a Docker image from the host Destructive arcane_image_prune [HIGH RISK] Remove all unused Docker images. This frees disk space but cannot be undone. Destructive arcane_network_delete [HIGH RISK] Delete a Docker network. Connected containers will be disconnected. Destructive arcane_network_prune [HIGH RISK] Remove all unused Docker networks. This cannot be undone. Destructive arcane_project_destroy [CRITICAL RISK] Destroy a project completely, including containers and optionally volumes. This cannot be undo Destructive arcane_project_down Stop and remove containers for a Docker Compose project (docker-compose down). Use arcane_project_destroy to a Destructive arcane_registry_delete Delete a container registry configuration Destructive arcane_swarm_delete_service [HIGH RISK] Delete a Docker Swarm service permanently Destructive arcane_system_prune [CRITICAL RISK] Perform Docker system prune - removes unused containers, networks, images, and optionally volu Destructive arcane_template_delete Delete a Docker Compose template Destructive arcane_user_delete [HIGH RISK] Delete a user account permanently Destructive arcane_volume_backup_delete [HIGH RISK] Delete a volume backup permanently Destructive arcane_volume_delete [CRITICAL RISK] Permanently delete a Docker volume and ALL its data. This cannot be undone! Destructive arcane_volume_prune [CRITICAL RISK] Remove ALL unused Docker volumes and their data. This cannot be undone! Destructive arcane_webhook_delete Delete a webhook configuration Destructive arcane_swarm_leave_cluster [CRITICAL RISK] Leave the Docker Swarm cluster. Use force=true for managers. Destructive arcane_volume_backup_restore Restore a volume from a backup. This will overwrite existing data in the volume.
EXECUTE 30 tools
Execute arcane_build_image Build a Docker image from a Dockerfile or Git URL with support for build args and multi-platform builds Execute arcane_container_restart Restart a container Execute arcane_container_start Start a stopped container Execute arcane_container_stop Stop a running container Execute arcane_gitops_sync Trigger a GitOps sync to pull and deploy latest changes from the repository Execute arcane_job_run Run a job immediately Execute arcane_project_build Build images for a Docker Compose project Execute arcane_project_restart Restart all services in a Docker Compose project Execute arcane_project_up Deploy a Docker Compose project (docker-compose up -d). Use arcane_project_pull_images first to pull latest im Execute arcane_swarm_scale_service Scale a Swarm service to a specific number of replicas Execute arcane_system_containers_start_all Start all stopped containers in an environment Execute arcane_system_containers_start_stopped Start all previously stopped containers in an environment Execute arcane_system_containers_stop_all [HIGH RISK] Stop ALL running containers in an environment Execute arcane_updater_run Run the auto-updater to check and update all containers with available image updates Execute arcane_auth_logout Log out of the current session and invalidate tokens Execute arcane_container_redeploy Redeploy a single container (pull latest image and recreate) Execute arcane_image_pull Pull a Docker image from a registry Execute arcane_notification_apprise_test Send a test notification through Apprise Execute arcane_notification_test Send a test notification to verify configuration Execute arcane_project_pull_images Pull all images for a Docker Compose project Execute arcane_project_redeploy Redeploy a project (down + up). Useful for applying configuration changes. Use arcane_project_pull_images firs Execute arcane_registry_sync Sync all container registries to refresh image information Execute arcane_swarm_init_cluster [CRITICAL] Initialize a new Docker Swarm cluster on this node Execute arcane_swarm_join_cluster Join an existing Docker Swarm cluster Execute arcane_system_upgrade [HIGH RISK] Perform an Arcane system upgrade Execute arcane_vulnerability_scan_image Trigger a vulnerability scan for a Docker image Execute arcane_container_create Create a new Docker container Execute arcane_container_update Pull the latest image and recreate a container with the same configuration. Automatically pulls latest image b Execute arcane_swarm_create_service Create a new Docker Swarm service Execute arcane_updater_update_container Update a single container to the latest image version
WRITE 34 tools
Write arcane_build_workspace_upload Upload a file to the build workspace Write arcane_auth_change_password Change the password for the current user Write arcane_auth_refresh Refresh the authentication token using the refresh token Write arcane_environment_pair_agent Generate or rotate the local agent pairing token for an environment Write arcane_volume_browse_mkdir Create a directory in a Docker volume Write arcane_vulnerability_ignore Ignore a specific vulnerability (exclude from counts and alerts) Write arcane_vulnerability_unignore Unignore a previously ignored vulnerability Write arcane_apikey_create Create a new API key Write arcane_container_set_auto_update Enable or disable automatic updates for a specific container Write arcane_environment_create Create a new Docker environment in Arcane Write arcane_environment_update Update an existing Docker environment Write arcane_event_create Create a custom event for tracking Write arcane_git_repo_create Add a new Git repository configuration Write arcane_gitops_create Create a new GitOps sync configuration Write arcane_gitops_update Update a GitOps sync configuration Write arcane_job_schedule_update Update job schedules for an environment Write arcane_network_create Create a new Docker network Write arcane_notification_apprise_update Update Apprise notification configuration Write arcane_notification_update_settings Update notification settings for an environment Write arcane_project_create Create a new Docker Compose project from a compose file Write arcane_project_update Update a Docker Compose project configuration Write arcane_registry_create Add a new container registry configuration Write arcane_registry_update Update a container registry configuration Write arcane_settings_update Update environment settings Write arcane_swarm_update_service Update a Docker Swarm service configuration Write arcane_template_create Create a new Docker Compose template Write arcane_template_update Update a Docker Compose template Write arcane_template_update_variables Update global template variables Write arcane_user_create Create a new user Write arcane_user_update Update a user's settings Write arcane_volume_backup_create Create a backup of a Docker volume Write arcane_volume_create Create a new Docker volume Write arcane_webhook_create Create a new inbound webhook for an environment Write arcane_webhook_update Update a webhook configuration
READ 91 tools
Read arcane_build_get Get detailed information about a specific image build including logs Read arcane_build_list List image builds for an environment with optional filtering by status or search query Read arcane_build_workspace_browse Browse files in the build workspace directory Read arcane_build_workspace_get_content Get the content of a file from the build workspace Read arcane_apikey_list List API keys for the current user Read arcane_auth_me Get information about the currently authenticated user Read arcane_container_get Get detailed information about a specific container Read arcane_container_get_counts Get container status counts for an environment (running, stopped, etc.) Read arcane_container_list List Docker containers in an environment with pagination and filtering Read arcane_dashboard_get Get a consolidated dashboard snapshot for an environment (containers, projects, images, volumes, networks, sys Read arcane_dashboard_get_action_items Get dashboard action items that need attention (unhealthy containers, available updates, etc.) Read arcane_environment_get Get details of a specific Docker environment Read arcane_environment_get_deployment_snippets Get deployment snippets for installing Arcane agent on an environment Read arcane_environment_get_docker_info Get Docker system information for an environment Read arcane_environment_get_version Get the Arcane agent version running on an environment Read arcane_environment_list List all Docker environments configured in Arcane Read arcane_environment_test Test connectivity to a Docker environment Read arcane_event_list List events across all environments Read arcane_event_list_by_environment List events for a specific environment Read arcane_git_repo_browse_files Browse files in a Git repository Read arcane_git_repo_get_branches List branches in a Git repository Read arcane_git_repo_list List configured Git repositories Read arcane_git_repo_test Test connectivity to a Git repository Read arcane_gitops_get Get details of a GitOps sync configuration Read arcane_gitops_get_status Get the current sync status for a GitOps configuration Read arcane_gitops_list List GitOps sync configurations Read arcane_image_check_update Check if a newer version of an image is available Read arcane_image_check_updates_all Check for updates on all images in an environment Read arcane_image_get Get detailed information about a Docker image Read arcane_image_get_counts Get image counts and size statistics for an environment Read arcane_image_get_update_summary Get a summary of available image updates across all containers Read arcane_image_list List Docker images in an environment Read arcane_job_list List scheduled jobs in an environment Read arcane_network_get Get detailed information about a Docker network Read arcane_network_get_counts Get network counts for an environment Read arcane_network_get_topology Get the network topology graph showing containers, networks, and their connections Read arcane_network_list List Docker networks in an environment Read arcane_notification_apprise_get Get Apprise notification configuration Read arcane_notification_get_settings Get notification settings for an environment Read arcane_oidc_get_config Get OIDC client configuration details Read arcane_oidc_get_status Get OIDC configuration status (enabled, provider name, etc.) Read arcane_port_list List all port mappings across containers in an environment with pagination Read arcane_project_get Get detailed information about a Docker Compose project Read arcane_project_get_counts Get project status counts for an environment Read arcane_project_list List Docker Compose projects/stacks in an environment Read arcane_registry_get Get details of a container registry Read arcane_registry_list List configured container registries Read arcane_registry_test Test connectivity to a container registry Read arcane_settings_get Get environment settings Read arcane_settings_get_categories Get available settings categories Read arcane_settings_get_public Get public settings (no authentication required) Read arcane_settings_search Search settings and customization options Read arcane_swarm_get_cluster_info Get Docker Swarm cluster information and node counts Read arcane_swarm_get_service Get detailed information about a Swarm service Read arcane_swarm_get_service_logs Get logs from a Swarm service Read arcane_swarm_list_services List Docker Swarm services in an environment with pagination Read arcane_system_check_upgrade Check if an Arcane upgrade is available Read arcane_system_get_docker_info Get Docker system information for an environment Read arcane_system_get_health Check the health status of the Arcane server Read arcane_template_get Get details of a Docker Compose template Read arcane_template_get_content Get the Docker Compose YAML content of a template Read arcane_template_get_variables Get global template variables Read arcane_template_list List available Docker Compose templates Read arcane_updater_get_history Get the auto-updater history showing past update operations Read arcane_updater_get_status Get the current auto-updater status and schedule Read arcane_user_get Get details of a specific user Read arcane_user_list List all users in Arcane Read arcane_version_get Get the Arcane server version information Read arcane_volume_backup_list List backups for a Docker volume Read arcane_volume_backup_list_files List files contained in a volume backup Read arcane_volume_browse Browse files and directories in a Docker volume Read arcane_volume_browse_content Read the content of a file in a Docker volume Read arcane_volume_get Get detailed information about a Docker volume Read arcane_volume_get_counts Get volume counts for an environment Read arcane_volume_list List Docker volumes in an environment Read arcane_vulnerability_get_environment_summary Get an environment-wide vulnerability summary across all images Read arcane_vulnerability_get_image_options List images available for vulnerability scanning Read arcane_vulnerability_get_scan_result Get the full vulnerability scan result for an image Read arcane_vulnerability_get_scan_summaries Get vulnerability scan summaries for multiple images in batch Read arcane_vulnerability_get_scan_summary Get a vulnerability scan summary for an image Read arcane_vulnerability_get_scanner_status Get the status of the Trivy vulnerability scanner Read arcane_vulnerability_list List vulnerabilities found in an image with filtering and pagination Read arcane_vulnerability_list_all List all vulnerabilities across all images in an environment with filtering and pagination Read arcane_vulnerability_list_ignored List all ignored vulnerabilities in an environment Read arcane_webhook_list List configured webhooks for an environment Read arcane_image_update_check Check if an image update is available by image reference Read arcane_image_update_check_all Check all images in an environment for available updates Read arcane_image_update_check_by_id Check if an image update is available by image ID Read arcane_image_update_check_multiple Check for updates on multiple images at once Read arcane_image_update_get_summary Get a summary of image update status for an environment Read arcane_job_schedule_get Get job schedules for an environment
OTHER 2 tools
Other arcane_oidc_device_code Initiate OIDC device authorization flow. Returns a user code to enter at the verification URL. Other arcane_auth_login Authenticate with Arcane using username and password. Returns JWT tokens.
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
adminautomation
Mcp Afip 1300 tools
adminautomation
Mcp Ap2 1300 tools
adminautomation
BNB Chain MCP 1240 tools
adminautomation
Nodebench 824 tools
adminautomation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
adminautomation
Amazon Data Processing MCP Server 805 tools
adminautomation
Amazon ECS MCP Server 805 tools
adminautomation
FAQ

Questions about Arcane

Can an AI agent delete data through the Arcane MCP server? +

Yes. The Arcane server exposes 23 destructive tools including arcane_apikey_delete, arcane_container_delete, arcane_environment_delete. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Arcane? +

The Arcane server has 34 write tools including arcane_build_workspace_upload, arcane_auth_change_password, arcane_auth_refresh. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Arcane.

How many tools does the Arcane MCP server expose? +

180 tools across 4 categories: Destructive, Execute, Read, Write. 91 are read-only. 89 can modify, create, or delete data.

How do I enforce a policy on Arcane? +

Register the Arcane MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Arcane tool call.

Deterministic rules across all 180 Arcane tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON ARCANE →

Free to start. No card required.

180 Arcane tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.