// SCAN REPORT

Zenoti

23 tools. 5 can modify or destroy data without limits.

5 write tools that can modify data. Rate limits recommended.

Last updated:

5 can modify or destroy data
18 read-only
23 tools total
// TOOL MAP
Read (18) Write / Execute (5) Destructive / Financial (0)
// WHAT CAN GO WRONG

Write operations (zenoti-appointments-progress, zenoti-feedback-submit, zenoti-guests-create) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

// RECOMMENDED RULES
Rate limit write operations
zenoti-appointments-progress:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
zenoti-appointments-checkin:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 23 ZENOTI TOOLS
WRITE 5 tools
Write zenoti-appointments-progress Write zenoti-feedback-submit Write zenoti-guests-create Write zenoti-guests-update Write zenoti-invoices-close
READ 18 tools
Read zenoti-appointments-checkin Read zenoti-appointments-get Read zenoti-appointments-list Read zenoti-appointments-noshow Read zenoti-availability-slots Read zenoti-booking-confirm Read zenoti-booking-reserve Read zenoti-centers-list Read zenoti-forms-get Read zenoti-forms-list Read zenoti-guests-get Read zenoti-guests-search Read zenoti-invoices-confirm Read zenoti-invoices-get Read zenoti-services-get Read zenoti-services-list Read zenoti-therapists-list Read zenoti-webhooks-subscribe
// FAQ
How do I prevent bulk modifications through Zenoti? +

The Zenoti server has 5 write tools including zenoti-appointments-progress, zenoti-feedback-submit, zenoti-guests-create. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Zenoti MCP server expose? +

23 tools across 2 categories: Read, Write. 18 are read-only. 5 can modify, create, or delete data.

How do I add Intercept to my Zenoti setup? +

One line change. Instead of running the Zenoti server directly, prefix it with Intercept: intercept -c com-jamesrosingmd-zenoti.yaml -- npx -y @zenoti-mcp-server. Download a pre-built policy from policylayer.com/policies/com-jamesrosingmd-zenoti and adjust the limits to match your use case.

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.