// SCAN REPORT

COTI MCP Server

44 tools. 17 can modify or destroy data without limits.

3 destructive tools with no built-in limits. Policy required.

Last updated:

17 can modify or destroy data
27 read-only
44 tools total
// TOOL MAP
Read (27) Write / Execute (14) Destructive / Financial (3)
// WHAT CAN GO WRONG

Financial operations (transfer_native, transfer_private_erc20, transfer_private_erc721) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Write operations (approve_erc20_spender, approve_private_erc721, call_contract_function) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (compile_and_deploy_contract, compile_contract, deploy_private_erc20_contract) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and COTI MCP Server. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @davibauer/coti-mcp
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Block financial tools by default
transfer_native:
  rules:
    - action: deny

Financial tools should be explicitly enabled per use case, not open by default.

Rate limit write operations
approve_erc20_spender:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
decode_event_data:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 44 COTI MCP SERVER TOOLS
FINANCIAL 3 tools
Financial transfer_native Financial transfer_private_erc20 Financial transfer_private_erc721
EXECUTE 5 tools
Execute compile_and_deploy_contract Execute compile_contract Execute deploy_private_erc20_contract Execute deploy_private_erc721_contract Execute deploy_private_message_contract
WRITE 9 tools
Write approve_erc20_spender Write approve_private_erc721 Write call_contract_function Write create_account Write generate_aes_key Write import_account_from_private_key Write send_private_message Write set_private_erc721_approval_for_all Write switch_network
READ 27 tools
Read decode_event_data Read decrypt_message Read decrypt_value Read encrypt_message Read encrypt_value Read get_current_network Read get_current_rpc Read get_native_balance Read get_private_erc20_allowance Read get_private_erc20_balance Read get_private_erc20_decimals Read get_private_erc20_total_supply Read get_private_erc721_approved Read get_private_erc721_balance Read get_private_erc721_is_approved_for_all Read get_private_erc721_token_owner Read get_private_erc721_token_uri Read get_private_erc721_total_supply Read get_private_message_count Read get_private_message_senders Read get_transaction_logs Read get_transaction_status Read mint_private_erc20_token Read mint_private_erc721_token Read read_private_message Read sign_message Read verify_signature
// FAQ
Can an AI agent move money through the COTI MCP Server MCP server? +

Yes. The COTI MCP Server server exposes 3 financial tools including transfer_native, transfer_private_erc20, transfer_private_erc721. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. Intercept lets you block financial tools by default or set per-tool rate limits.

How do I prevent bulk modifications through COTI MCP Server? +

The COTI MCP Server server has 9 write tools including approve_erc20_spender, approve_private_erc721, call_contract_function. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the COTI MCP Server MCP server expose? +

44 tools across 4 categories: Execute, Financial, Read, Write. 27 are read-only. 17 can modify, create, or delete data.

How do I add Intercept to my COTI MCP Server setup? +

One line change. Instead of running the COTI MCP Server server directly, prefix it with Intercept: intercept -c davibauer-coti-mcp.yaml -- npx -y @davibauer/coti-mcp. Download a pre-built policy from policylayer.com/policies/davibauer-coti-mcp and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Aibtc 288 tools
paymentsautomation
Xdevplatform/xmcp 135 tools
paymentsautomation
Hiveagent 122 tools
paymentsautomation
Srv D7aoqmh5pdvs7391dcqg 70 tools
paymentsautomation
Indigo Protocol MCP 62 tools
paymentsautomation
MERX - TRON Resource Exchange 54 tools
paymentsautomation
Sui 53 tools
paymentsautomation
Ui 38 tools
paymentsautomation
policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.