// SCAN REPORT

Basecamp

26 tools. 10 can modify or destroy data without limits.

10 write tools that can modify data. Rate limits recommended.

Last updated:

10 can modify or destroy data
16 read-only
26 tools total
// TOOL MAP
Read (16) Write / Execute (10) Destructive / Financial (0)
// WHAT CAN GO WRONG

Write operations (basecamp_complete_todo, basecamp_create_comment, basecamp_create_kanban_card) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

One command. Full control.

Intercept sits between your agent and Basecamp. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @basecamp-mcp
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Rate limit write operations
basecamp_complete_todo:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
basecamp_get_kanban_card:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 26 BASECAMP TOOLS
WRITE 10 tools
Write basecamp_complete_todo Write basecamp_create_comment Write basecamp_create_kanban_card Write basecamp_create_message Write basecamp_create_todo Write basecamp_move_kanban_card Write basecamp_uncomplete_todo Write basecamp_update_comment Write basecamp_update_kanban_card Write basecamp_update_message
READ 16 tools
Read basecamp_get_kanban_card Read basecamp_get_me Read basecamp_get_message Read basecamp_get_person Read basecamp_get_project Read basecamp_get_todoset Read basecamp_list_campfire_messages Read basecamp_list_comments Read basecamp_list_kanban_cards Read basecamp_list_kanban_columns Read basecamp_list_message_types Read basecamp_list_messages Read basecamp_list_people Read basecamp_list_projects Read basecamp_list_recordings Read basecamp_list_todos
// FAQ
How do I prevent bulk modifications through Basecamp? +

The Basecamp server has 10 write tools including basecamp_complete_todo, basecamp_create_comment, basecamp_create_kanban_card. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Basecamp MCP server expose? +

26 tools across 2 categories: Read, Write. 16 are read-only. 10 can modify, create, or delete data.

How do I add Intercept to my Basecamp setup? +

One line change. Instead of running the Basecamp server directly, prefix it with Intercept: intercept -c basecamp.yaml -- npx -y @@basecamp-mcp. Download a pre-built policy from policylayer.com/policies/basecamp and adjust the limits to match your use case.

policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.