// SCAN REPORT

Aibtc

308 tools. 101 can modify or destroy data without limits.

29 destructive tools with no built-in limits. Policy required.

Last updated:

101 can modify or destroy data
207 read-only
308 tools total
// TOOL MAP
Read (207) Write / Execute (72) Destructive / Financial (29)
// WHAT CAN GO WRONG

Financial operations (identity_transfer, jingswap_deposit_sbtc, jingswap_deposit_stx) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Destructive tools (credentials_delete, identity_unset_wallet, jingswap_cancel_cycle) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (bounty_create, credentials_set, credentials_unlock) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (alex_swap, arxiv_compile_digest, deploy_contract) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

// RECOMMENDED RULES
Block financial tools by default
identity_transfer:
  rules:
    - action: deny

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations
credentials_delete:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
bounty_create:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
alex_get_pool_info:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 308 AIBTC TOOLS
FINANCIAL 17 tools
Financial identity_transfer Financial jingswap_deposit_sbtc Financial jingswap_deposit_stx Financial lightning_claim_deposit Financial lightning_pay_invoice Financial ordinals_p2p_transfer Financial pillar_direct_withdraw_collateral Financial sbtc_deposit Financial sbtc_transfer Financial sbtc_withdraw Financial styx_deposit Financial transfer_btc Financial transfer_nft Financial transfer_rune Financial transfer_stx Financial transfer_token Financial zest_withdraw
DESTRUCTIVE 12 tools
Destructive credentials_delete Destructive identity_unset_wallet Destructive jingswap_cancel_cycle Destructive jingswap_cancel_sbtc Destructive jingswap_cancel_stx Destructive ordinals_cancel_listing Destructive ordinals_p2p_cancel Destructive pillar_direct_revoke_fast_pool Destructive recover_sponsor_nonce Destructive reputation_revoke_feedback Destructive stackspot_cancel_pot Destructive wallet_delete
EXECUTE 16 tools
Execute alex_swap Execute arxiv_compile_digest Execute deploy_contract Execute dual_stacking_enroll Execute dual_stacking_opt_out Execute execute_x402_endpoint Execute news_file_signal Execute news_publisher_compile_brief Execute nonce_heal Execute pillar_direct_auto_compound Execute probe_x402_endpoint Execute scaffold_x402_ai_endpoint Execute scaffold_x402_endpoint Execute stackspot_start_pot Execute yield_hunter_start Execute yield_hunter_stop
WRITE 56 tools
Write bounty_create Write credentials_set Write credentials_unlock Write identity_register Write identity_set_approval Write identity_set_metadata Write identity_set_uri Write identity_set_wallet Write jingswap_close_deposits Write jingswap_settle_with_refresh Write lightning_create Write lightning_create_invoice Write lightning_import Write lightning_lock Write lightning_unlock Write news_claim_beat Write news_publisher_set_beat_config Write news_register_editor Write nonce_fill_gap Write nostr_post Write nostr_set_profile Write openrouter_integration_guide Write ordinals_p2p_create_offer Write pillar_add_admin Write pillar_auto_compound Write pillar_boost Write pillar_connect Write pillar_create_wallet Write pillar_dca_invite Write pillar_direct_add_admin Write pillar_direct_boost Write pillar_direct_create_wallet Write pillar_direct_dca_invite Write pillar_direct_resolve_recipient Write pillar_direct_send Write pillar_disconnect Write pillar_invite Write pillar_key_generate Write pillar_key_lock Write pillar_key_unlock Write pillar_send Write preorder_bns_name Write register_bns_name Write reputation_approve_client Write sbtc_initiate_withdrawal Write send_inbox_message Write souldinals_inscribe_soul Write wallet_create Write wallet_export Write wallet_import Write wallet_lock Write wallet_set_timeout Write wallet_switch Write wallet_unlock Write yield_hunter_configure Write zest_enable_collateral
READ 207 tools
Read alex_get_pool_info Read alex_get_swap_quote Read alex_list_pools Read arxiv_list_digests Read arxiv_search Read bounty_claim Read bounty_get Read bounty_list Read bounty_match Read bounty_my_claims Read bounty_stats Read bounty_status Read broadcast_transaction Read btc_sign_message Read btc_verify_message Read call_contract Read call_read_only_function Read check_bns_availability Read check_relay_health Read claim_bns_name_fast Read credentials_get Read credentials_list Read dual_stacking_get_rewards Read dual_stacking_status Read extend_stacking Read get_account_info Read get_account_transactions Read get_block_info Read get_bns_info Read get_bns_price Read get_btc_address_txs Read get_btc_balance Read get_btc_fees Read get_btc_mempool_info Read get_btc_transaction_status Read get_btc_utxos Read get_cardinal_utxos Read get_collection_info Read get_contract_events Read get_contract_info Read get_inscriptions_by_address Read get_mempool_info Read get_network_status Read get_nft_history Read get_nft_holdings Read get_nft_metadata Read get_nft_owner Read get_ordinal_utxos Read get_pox_info Read get_rune_balances Read get_rune_utxos Read get_stacking_status Read get_stx_balance Read get_stx_fees Read get_token_balance Read get_token_holders Read get_token_info Read get_transaction_status Read get_wallet_info Read identity_get Read identity_get_last_id Read identity_get_metadata Read jingswap_get_cycle_state Read jingswap_get_cycles_history Read jingswap_get_depositors Read jingswap_get_prices Read jingswap_get_settlement Read jingswap_get_user_activity Read jingswap_get_user_deposit Read jingswap_settle Read lightning_fund_from_btc Read lightning_status Read list_user_domains Read list_user_tokens Read list_x402_endpoints Read lookup_bns_name Read news_check_status Read news_deactivate_editor Read news_editor_check_earnings Read news_editor_file_review Read news_editor_review_signal Read news_file_correction Read news_front_page Read news_leaderboard Read news_list_beats Read news_list_editors Read news_list_signals Read news_record_editor_payout Read nonce_health Read nostr_get_profile Read nostr_get_pubkey Read nostr_read_feed Read nostr_relay_list Read nostr_search_tags Read nostr_sign_event Read openrouter_models Read ordinals_buy Read ordinals_get_listings Read ordinals_list_for_sale Read ordinals_list_for_sale_submit Read ordinals_p2p_agents Read ordinals_p2p_counter Read ordinals_p2p_get_trade Read ordinals_p2p_list_trades Read ordinals_p2p_my_trades Read ordinals_p2p_psbt_swap Read pillar_dca_leaderboard Read pillar_dca_partners Read pillar_dca_status Read pillar_direct_dca_leaderboard Read pillar_direct_dca_partners Read pillar_direct_dca_status Read pillar_direct_position Read pillar_direct_quote Read pillar_direct_stack_stx Read pillar_direct_stacking_status Read pillar_direct_supply Read pillar_direct_unwind Read pillar_fund Read pillar_key_info Read pillar_position Read pillar_status Read pillar_supply Read pillar_unwind Read reputation_append_response Read reputation_get_approved_limit Read reputation_get_clients Read reputation_get_feedback_count Read reputation_get_last_index Read reputation_get_summary Read reputation_give_feedback Read reputation_read_all_feedback Read reputation_read_feedback Read reverse_bns_lookup Read runes_get_activity Read runes_get_address_activity Read runes_get_address_balances Read runes_get_etching Read runes_get_holders Read runes_list_etchings Read sbtc_deposit_status Read sbtc_get_balance Read sbtc_get_deposit_info Read sbtc_get_peg_info Read sbtc_withdraw_status Read sbtc_withdrawal_status Read schnorr_sign_digest Read schnorr_verify_digest Read sip018_hash Read sip018_sign Read sip018_verify Read souldinals_display_soul Read souldinals_list_souls Read souldinals_load_soul Read souldinals_reveal_soul Read stack_stx Read stacks_market_buy_no Read stacks_market_buy_yes Read stacks_market_get Read stacks_market_get_position Read stacks_market_list Read stacks_market_quote_buy Read stacks_market_quote_sell Read stacks_market_redeem Read stacks_market_search Read stacks_market_sell_no Read stacks_market_sell_yes Read stacks_sign_message Read stacks_verify_message Read stackspot_claim_rewards Read stackspot_get_pot_state Read stackspot_join_pot Read stackspot_list_pots Read styx_fees Read styx_history Read styx_pool_status Read styx_pools Read styx_price Read styx_status Read taproot_get_pubkey Read taproot_multisig_guide Read taproot_verify_cosig Read tenero_holder_stats Read tenero_market_stats Read tenero_market_summary Read tenero_search Read tenero_token_info Read tenero_top_gainers Read tenero_top_losers Read tenero_trending_pools Read tenero_wallet_holdings Read tenero_wallet_trades Read tenero_whale_trades Read tx_status_deep Read wallet_list Read wallet_rotate_password Read wallet_status Read yield_dashboard_apy_breakdown Read yield_dashboard_overview Read yield_dashboard_positions Read yield_dashboard_rebalance Read yield_hunter_status Read zest_borrow Read zest_get_position Read zest_list_assets Read zest_repay Read zest_supply
// FAQ
Can an AI agent move money through the Aibtc MCP server? +

Yes. The Aibtc server exposes 17 financial tools including identity_transfer, jingswap_deposit_sbtc, jingswap_deposit_stx. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. Intercept lets you block financial tools by default or set per-tool rate limits.

Can an AI agent delete data through the Aibtc MCP server? +

Yes. The Aibtc server exposes 12 destructive tools including credentials_delete, identity_unset_wallet, jingswap_cancel_cycle. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Aibtc? +

The Aibtc server has 56 write tools including bounty_create, credentials_set, credentials_unlock. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Aibtc MCP server expose? +

308 tools across 5 categories: Destructive, Execute, Financial, Read, Write. 207 are read-only. 101 can modify, create, or delete data.

How do I add Intercept to my Aibtc setup? +

One line change. Instead of running the Aibtc server directly, prefix it with Intercept: intercept -c io-github-aibtcdev-mcp-server.yaml -- npx -y @@aibtc/mcp-server. Download a pre-built policy from policylayer.com/policies/io-github-aibtcdev-mcp-server and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Agent Passport System — Cryptographic Identity for AI Agents 150 tools
paymentsadminautomation
Xdevplatform/xmcp 135 tools
paymentsadminautomation
Hiveagent 122 tools
paymentsadminautomation
MERX - TRON Resource Exchange 66 tools
paymentsadminautomation
Helius 63 tools
paymentsadminautomation
Indigo Protocol MCP 62 tools
paymentsadminautomation
Clareo 45 tools
paymentsadminautomation
Midnight Nextjs 35 tools
paymentsadminautomation

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.