// SCAN REPORT

Clickup

41 tools. 5 can modify or destroy data without limits.

5 write tools that can modify data. Rate limits recommended.

Last updated:

5 can modify or destroy data
36 read-only
41 tools total
// TOOL MAP
Read (36) Write / Execute (5) Destructive / Financial (0)
// WHAT CAN GO WRONG

Write operations (hierarchy_resolve_path, member_resolve, task_assignee_resolve) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

One command. Full control.

Intercept sits between your agent and Clickup. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @taazkareem/clickup-mcp-server
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Rate limit write operations
hierarchy_resolve_path:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
doc_list:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 41 CLICKUP TOOLS
WRITE 5 tools
Write hierarchy_resolve_path Write member_resolve Write task_assignee_resolve Write task_comment_list Write time_report_for_container
READ 36 tools
Read doc_list Read doc_page_list Read doc_page_read Read doc_pages_read Read doc_read Read doc_search Read doc_search_bulk Read folder_list_for_space Read health Read list_custom_field_list Read list_list_for_space_or_folder Read member_list_for_workspace Read member_search_by_name Read ping Read reference_link_list Read reference_page_fetch Read space_list_for_workspace Read space_tag_list Read task_list_for_list Read task_read Read task_risk_report Read task_search Read task_search_fuzzy Read task_search_fuzzy_bulk Read task_status_report Read task_time_entry_list Read time_entry_current Read time_entry_list Read time_report_for_context Read time_report_for_space_tag Read time_report_for_tag Read tool_catalogue Read workspace_capability_snapshot Read workspace_hierarchy Read workspace_list Read workspace_overview
// FAQ
How do I prevent bulk modifications through Clickup? +

The Clickup server has 5 write tools including hierarchy_resolve_path, member_resolve, task_assignee_resolve. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Clickup MCP server expose? +

41 tools across 2 categories: Read, Write. 36 are read-only. 5 can modify, create, or delete data.

How do I add Intercept to my Clickup setup? +

One line change. Instead of running the Clickup server directly, prefix it with Intercept: intercept -c clickup.yaml -- npx -y @@taazkareem/clickup-mcp-server. Download a pre-built policy from policylayer.com/policies/clickup and adjust the limits to match your use case.

policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.