// SCAN REPORT

Hwpx

135 tools. 69 can modify or destroy data without limits.

10 destructive tools with no built-in limits. Policy required.

Last updated:

69 can modify or destroy data
66 read-only
135 tools total
// TOOL MAP
Read (66) Write / Execute (59) Destructive / Financial (10)
// WHAT CAN GO WRONG

Destructive tools (delete_image, delete_memo, delete_paragraph) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (apply_style, batch_fill_table, batch_replace) modify state. Without rate limits, an agent can make hundreds of changes in seconds β€” faster than any human can review or revert.

Execute tools (build_document, build_position_index) trigger processes with side effects. Builds, notifications, workflows β€” all fired without throttling.

// RECOMMENDED RULES
Deny destructive operations
delete_image:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
apply_style:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
analyze_xml:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 135 HWPX TOOLS
DESTRUCTIVE 10 tools
Destructive delete_image Destructive delete_memo Destructive delete_paragraph Destructive delete_section Destructive delete_table Destructive delete_table_column Destructive delete_table_row Destructive invalidate_reading_cache Destructive remove_hanging_indent Destructive remove_table_cell_hanging_indent
EXECUTE 2 tools
Execute build_document Execute build_position_index
WRITE 57 tools
Write apply_style Write batch_fill_table Write batch_replace Write close_document Write copy_paragraph Write copy_table Write create_document Write export_to_html Write export_to_text Write fill_by_path Write insert_bookmark Write insert_ellipse Write insert_endnote Write insert_equation Write insert_footnote Write insert_hyperlink Write insert_image Write insert_image_in_cell Write insert_line Write insert_memo Write insert_nested_table Write insert_page_break Write insert_paragraph Write insert_rect Write insert_section Write insert_table Write insert_table_column Write insert_table_row Write merge_cells Write move_paragraph Write move_table Write open_document Write render_mermaid_in_cell Write replace_text Write replace_text_in_cell Write save_document Write set_auto_hanging_indent Write set_cell_background_color Write set_cell_properties Write set_column_def Write set_column_widths Write set_document_metadata Write set_footer Write set_hanging_indent Write set_header Write set_numbering Write set_page_settings Write set_paragraph_style Write set_raw_section_xml Write set_section_xml Write set_table_cell_auto_hanging_indent Write set_table_cell_hanging_indent Write set_text_style Write update_image_size Write update_paragraph_text Write update_paragraph_text_preserve_styles Write update_table_cell
READ 66 tools
Read analyze_xml Read append_text_to_paragraph Read chunk_document Read extract_toc Read find_cell_by_label Read find_empty_tables Read find_insert_position_after_header Read find_insert_position_after_table Read find_paragraph_by_text Read find_table_by_header Read format_text Read get_bookmarks Read get_bullet_defs Read get_cell_context Read get_char_shapes Read get_chunk_at_offset Read get_chunk_context Read get_column_def Read get_document_metadata Read get_document_outline Read get_document_structure Read get_document_text Read get_element_index_for_table Read get_endnotes Read get_equations Read get_footer Read get_footnotes Read get_hanging_indent Read get_header Read get_hyperlinks Read get_images Read get_insert_context Read get_memos Read get_numbering_defs Read get_page_settings Read get_para_shapes Read get_paragraph Read get_paragraph_style Read get_paragraphs Read get_position_index Read get_raw_section_xml Read get_section_xml Read get_sections Read get_styles Read get_table Read get_table_as_csv Read get_table_cell Read get_table_cell_hanging_indent Read get_table_map Read get_tables Read get_tables_by_section Read get_tables_summary Read get_text_style Read get_tool_guide Read get_user_paths Read get_word_count Read list_open_documents Read list_template_profiles Read redo Read render_mermaid Read repair_xml Read search_chunks Read search_position_index Read search_text Read split_cell Read undo
// FAQ
Can an AI agent delete data through the Hwpx MCP server? +

Yes. The Hwpx server exposes 10 destructive tools including delete_image, delete_memo, delete_paragraph. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Hwpx? +

The Hwpx server has 57 write tools including apply_style, batch_fill_table, batch_replace. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Hwpx MCP server expose? +

135 tools across 4 categories: Destructive, Execute, Read, Write. 66 are read-only. 69 can modify, create, or delete data.

How do I add Intercept to my Hwpx setup? +

One line change. Instead of running the Hwpx server directly, prefix it with Intercept: intercept -c hwpx.yaml -- npx -y @hwpx-mcp-server. Download a pre-built policy from policylayer.com/policies/hwpx and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 314 tools
adminautomation
Aibtc 308 tools
adminautomation
SmartBear MCP 243 tools
adminautomation
Google Super 200 tools
adminautomation
Arcane 180 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Opencut Controller 161 tools
adminautomation

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

Currently onboarding teams running MCP in production.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.

// REQUEST EARLY ACCESS

We're letting people in as fast as we can.

You're in the queue.

We'll be in touch as soon as we can let you in.