// SCAN REPORT

Binalyze AIR MCP Server

116 tools. 71 can modify or destroy data without limits.

17 destructive tools with no built-in limits. Policy required.

Last updated:

71 can modify or destroy data
45 read-only
116 tools total

71 Binalyze AIR MCP Server tools can modify or destroy data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE BINALYZE AIR MCP SERVER →

Free to start. No card required.

TOOL MAP

Read (45) Write / Execute (54) Destructive / Financial (17)

WHAT CAN GO WRONG

Destructive tools (cancel_task_assignment, cancel_task_by_id, delete_auto_asset_tag_by_id) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (acquire_baseline, add_note_to_case, add_tags_to_assets) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (start_tagging) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

RECOMMENDED RULES

Deny destructive operations
{
  "cancel_task_assignment": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "acquire_baseline": {
    "limits": [
      {
        "counter": "acquire_baseline_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "check_case_name": {
    "limits": [
      {
        "counter": "check_case_name_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Get this policy live on your own Binalyze AIR MCP Server server in minutes. Tune the limits to your setup; PolicyLayer enforces it on every call.

ENFORCE ON MY BINALYZE AIR MCP SERVER →

ALL 116 BINALYZE AIR MCP SERVER TOOLS

DESTRUCTIVE 17 tools
Destructive cancel_task_assignment Destructive cancel_task_by_id Destructive delete_auto_asset_tag_by_id Destructive delete_note_from_case Destructive delete_organization Destructive delete_policy_by_id Destructive delete_repository Destructive delete_tags_from_organization Destructive delete_task_assignment Destructive delete_task_by_id Destructive delete_triage_rule Destructive purge_and_uninstall_assets Destructive remove_endpoints_from_case Destructive remove_tags_from_assets Destructive remove_task_assignment_from_case Destructive remove_user_from_organization Destructive uninstall_assets
EXECUTE 1 tools
Execute start_tagging
WRITE 53 tools
Write acquire_baseline Write add_note_to_case Write add_tags_to_assets Write add_tags_to_organization Write archive_case_by_id Write assign_acquisition_task Write assign_image_acquisition_task Write assign_isolation_task Write assign_log_retrieval_task Write assign_reboot_task Write assign_shutdown_task Write assign_triage_task Write assign_users_to_organization Write assign_version_update_task Write call_webhook Write change_case_owner Write close_case_by_id Write compare_baseline Write create_acquisition_profile Write create_amazon_s3_repository Write create_auto_asset_tag Write create_azure_storage_repository Write create_case Write create_ftps_repository Write create_organization Write create_policy Write create_sftp_repository Write create_smb_repository Write create_triage_rule Write create_triage_tag Write export_audit_logs Write export_case_activities Write export_case_endpoints Write export_case_notes Write export_cases Write import_task_assignments_to_case Write open_case_by_id Write post_webhook Write update_amazon_s3_repository Write update_auto_asset_tag Write update_azure_storage_repository Write update_banner_message Write update_case Write update_ftps_repository Write update_note_in_case Write update_organization_by_id Write update_organization_deployment_token Write update_organization_shareable_deployment Write update_policy Write update_policy_priorities Write update_sftp_repository Write update_smb_repository Write update_triage_rule
READ 45 tools
Read check_case_name Read check_organization_name_exists Read download_case_ppc Read download_task_report Read get_acquisition_profile_by_id Read get_asset_by_id Read get_asset_tasks_by_id Read get_auto_asset_tag_by_id Read get_case_activities Read get_case_by_id Read get_case_endpoints Read get_case_tasks_by_id Read get_case_users Read get_comparison_report Read get_organization_by_id Read get_organization_users Read get_policy_by_id Read get_policy_match_stats Read get_report_file_info Read get_repository_by_id Read get_shareable_deployment_info Read get_task_assignments Read get_task_assignments_by_id Read get_task_by_id Read get_triage_rule_by_id Read get_user_by_id Read list_acquisition_artifacts Read list_acquisition_profiles Read list_assets Read list_audit_logs Read list_auto_asset_tags Read list_cases Read list_drone_analyzers Read list_e_discovery_patterns Read list_organizations Read list_policies Read list_repositories Read list_tasks Read list_triage_rules Read list_triage_tags Read list_users Read validate_amazon_s3_repository Read validate_azure_storage_repository Read validate_ftps_repository Read validate_triage_rule

FAQ

Can an AI agent delete data through the Binalyze AIR MCP Server MCP server? +

Yes. The Binalyze AIR MCP Server server exposes 17 destructive tools including cancel_task_assignment, cancel_task_by_id, delete_auto_asset_tag_by_id. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Binalyze AIR MCP Server? +

The Binalyze AIR MCP Server server has 53 write tools including acquire_baseline, add_note_to_case, add_tags_to_assets. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Binalyze AIR MCP Server.

How many tools does the Binalyze AIR MCP Server MCP server expose? +

116 tools across 4 categories: Destructive, Execute, Read, Write. 45 are read-only. 71 can modify, create, or delete data.

How do I enforce a policy on Binalyze AIR MCP Server? +

Register the Binalyze AIR MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

Aibtc 327 tools
adminautomation
Mcp Api 314 tools
adminautomation
SmartBear MCP 243 tools
adminautomation
Google Super 200 tools
adminautomation
Arcane 180 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Opencut Controller 161 tools
adminautomation

Enforce policy on every Binalyze AIR MCP Server tool call.

Deterministic rules across all 116 Binalyze AIR MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE BINALYZE AIR MCP SERVER →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.