// SCAN REPORT

Clawvault

45 tools. 11 can modify or destroy data without limits.

2 destructive tools with no built-in limits. Policy required.

Last updated:

11 can modify or destroy data
34 read-only
45 tools total

11 Clawvault tools can modify or destroy data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE CLAWVAULT →

Free to start. No card required.

TOOL MAP

Read (34) Write / Execute (9) Destructive / Financial (2)

WHAT CAN GO WRONG

Financial operations (commerce_refund, withdraw_payment_wallet) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Write operations (cab_enable, cab_send, card_close) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (goat_execute_action) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

RECOMMENDED RULES

Block financial tools by default
{
  "commerce_refund": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Rate limit write operations
{
  "cab_enable": {
    "limits": [
      {
        "counter": "cab_enable_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "a2a_discover": {
    "limits": [
      {
        "counter": "a2a_discover_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Get this policy live on your own Clawvault server in minutes. Tune the limits to your setup; PolicyLayer enforces it on every call.

ENFORCE ON MY CLAWVAULT →

ALL 45 CLAWVAULT TOOLS

FINANCIAL 2 tools
Financial commerce_refund Financial withdraw_payment_wallet
EXECUTE 1 tools
Execute goat_execute_action
WRITE 8 tools
Write cab_enable Write cab_send Write card_close Write card_purchase Write card_setup Write commerce_order Write disable_credit Write enable_credit
READ 34 tools
Read a2a_discover Read buy_prediction Read card_balance Read card_check Read card_transactions Read check_limits Read commerce_list_orders Read commerce_order_status Read commerce_search Read commerce_tracking Read fund_payment_wallet Read get_cab_balance Read get_credit_history Read get_credit_status Read get_payment_wallet_balance Read get_prediction_positions Read get_prediction_wallet Read get_status Read get_subscription Read get_swap_quote Read get_vaults Read goat_get_action_rules Read goat_list_actions Read list_prediction_markets Read list_transactions Read redeem_prediction Read request_credit Read request_payment Read retrieve_memory Read sell_prediction Read store_memory Read swap_tokens Read upgrade_subscription Read x402_fetch

FAQ

Can an AI agent move money through the Clawvault MCP server? +

Yes. The Clawvault server exposes 2 financial tools including commerce_refund, withdraw_payment_wallet. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

How do I prevent bulk modifications through Clawvault? +

The Clawvault server has 8 write tools including cab_enable, cab_send, card_close. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Clawvault.

How many tools does the Clawvault MCP server expose? +

45 tools across 4 categories: Execute, Financial, Read, Write. 34 are read-only. 11 can modify, create, or delete data.

How do I enforce a policy on Clawvault? +

Register the Clawvault MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

0nmcp 407 tools
paymentsautomation
TheProtocol — Sovereign AI Agent Platform 380 tools
paymentsautomation
Aibtc 327 tools
paymentsautomation
SpaceMolt 182 tools
paymentsautomation
Agent Passport System — Cryptographic Identity for AI Agents 150 tools
paymentsautomation
Delx Mcp A2a 143 tools
paymentsautomation
Xdevplatform/xmcp 135 tools
paymentsautomation
MiOffice — AI-Powered Workspace Studio 133 tools
paymentsautomation

Enforce policy on every Clawvault tool call.

Deterministic rules across all 45 Clawvault tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE CLAWVAULT →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.