// SCAN REPORT

Mcp Sitecore

153 tools. 87 can modify or destroy data without limits.

24 destructive tools with no built-in limits. Policy required.

Last updated:

87 can modify or destroy data
66 read-only
153 tools total
// TOOL MAP
Read (66) Write / Execute (63) Destructive / Financial (24)
// WHAT CAN GO WRONG

Destructive tools (common-remove-archive-item, common-remove-base-template-by-id, common-remove-base-template-by-path) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (common-add-base-template-by-id, common-add-base-template-by-path, common-add-item-version-by-id) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (common-invoke-workflow-by-id, common-invoke-workflow-by-path, common-new-item-clone-by-id) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and Mcp Sitecore. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @antonytm/mcp-sitecore-server
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Deny destructive operations
common-remove-archive-item:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
common-add-base-template-by-id:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
common-get-archive:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 153 MCP SITECORE TOOLS
DESTRUCTIVE 24 tools
Destructive common-remove-archive-item Destructive common-remove-base-template-by-id Destructive common-remove-base-template-by-path Destructive common-remove-item-version-by-id Destructive common-remove-item-version-by-path Destructive common-reset-item-field-by-id Destructive common-reset-item-field-by-path Destructive indexing-remove-search-index-item-by-id Destructive indexing-remove-search-index-item-by-path Destructive item-service-delete-item Destructive presentation-remove-placeholder-setting-by-id Destructive presentation-remove-placeholder-setting-by-path Destructive presentation-remove-rendering-by-id Destructive presentation-remove-rendering-by-path Destructive presentation-remove-rendering-parameter-by-id Destructive presentation-remove-rendering-parameter-by-path Destructive presentation-reset-layout-by-id Destructive presentation-reset-layout-by-path Destructive security-clear-item-acl-by-id Destructive security-clear-item-acl-by-path Destructive security-remove-domain Destructive security-remove-role Destructive security-remove-role-member Destructive security-remove-user
EXECUTE 17 tools
Execute common-invoke-workflow-by-id Execute common-invoke-workflow-by-path Execute common-new-item-clone-by-id Execute common-new-item-clone-by-path Execute common-new-item-workflow-event-by-id Execute common-new-item-workflow-event-by-path Execute common-restart-application Execute indexing-initialize-search-index Execute indexing-initialize-search-index-item-by-id Execute indexing-initialize-search-index-item-by-path Execute indexing-stop-search-index Execute item-service-run-stored-query Execute item-service-run-stored-search Execute run-powershell-script Execute security-new-domain Execute security-new-role Execute security-new-user
WRITE 46 tools
Write common-add-base-template-by-id Write common-add-base-template-by-path Write common-add-item-version-by-id Write common-add-item-version-by-path Write common-convert-from-item-clone-by-id Write common-convert-from-item-clone-by-path Write common-publish-item-by-id Write common-publish-item-by-path Write common-restore-archive-item Write common-set-item-template-by-id Write common-set-item-template-by-path Write common-update-item-referrer-by-id Write common-update-item-referrer-by-path Write indexing-resume-search-index Write indexing-suspend-search-index Write item-service-create-item Write item-service-edit-item Write presentation-add-placeholder-setting-by-id Write presentation-add-placeholder-setting-by-path Write presentation-add-rendering-by-id Write presentation-add-rendering-by-path Write presentation-merge-layout-by-id Write presentation-merge-layout-by-path Write presentation-set-layout-by-id Write presentation-set-layout-by-path Write presentation-set-rendering-by-id Write presentation-set-rendering-by-path Write presentation-set-rendering-parameter-by-id Write presentation-set-rendering-parameter-by-path Write presentation-switch-rendering-by-id Write presentation-switch-rendering-by-path Write presentation-switch-rendering-by-unique-id Write security-add-item-acl-by-id Write security-add-item-acl-by-path Write security-add-role-member Write security-disable-user Write security-enable-user Write security-lock-item-by-id Write security-lock-item-by-path Write security-set-item-acl-by-id Write security-set-item-acl-by-path Write security-set-user Write security-set-user-password Write security-unlock-item-by-id Write security-unlock-item-by-path Write security-unlock-user
READ 66 tools
Read common-get-archive Read common-get-archive-item Read common-get-cache Read common-get-database Read common-get-item-clone-by-id Read common-get-item-clone-by-path Read common-get-item-field-by-id Read common-get-item-field-by-path Read common-get-item-reference-by-id Read common-get-item-reference-by-path Read common-get-item-referrer-by-id Read common-get-item-referrer-by-path Read common-get-item-template-by-id Read common-get-item-template-by-path Read common-get-item-workflow-event-by-id Read common-get-item-workflow-event-by-path Read common-get-sitecore-job Read common-test-base-template-by-id Read common-test-base-template-by-path Read config Read get-powershell-documentation Read indexing-find-item Read indexing-get-search-index Read introspection-graphql-edge Read introspection-graphql-master Read item-service-get-item Read item-service-get-item-by-path Read item-service-get-item-children Read item-service-get-item-descendants Read item-service-get-languages Read item-service-search-items Read logging-get-logs Read presentation-get-default-layout-device Read presentation-get-layout-by-id Read presentation-get-layout-by-path Read presentation-get-layout-device Read presentation-get-placeholder-setting-by-id Read presentation-get-placeholder-setting-by-path Read presentation-get-rendering-by-id Read presentation-get-rendering-by-path Read presentation-get-rendering-parameter-by-id Read presentation-get-rendering-parameter-by-path Read provider-get-item-by-id Read provider-get-item-by-path Read provider-get-item-by-query Read provider-get-item-by-uri Read query-graphql-edge Read query-graphql-master Read security-get-current-user Read security-get-domain Read security-get-domain-by-name Read security-get-item-acl-by-id Read security-get-item-acl-by-path Read security-get-role-by-filter Read security-get-role-by-identity Read security-get-role-member Read security-get-user-by-filter Read security-get-user-by-identity Read security-protect-item-by-id Read security-protect-item-by-path Read security-test-account Read security-test-item-acl-by-id Read security-test-item-acl-by-path Read security-unprotect-item-by-id Read security-unprotect-item-by-path Read sitecore-cli-documentation
// FAQ
Can an AI agent delete data through the Mcp Sitecore MCP server? +

Yes. The Mcp Sitecore server exposes 24 destructive tools including common-remove-archive-item, common-remove-base-template-by-id, common-remove-base-template-by-path. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Mcp Sitecore? +

The Mcp Sitecore server has 46 write tools including common-add-base-template-by-id, common-add-base-template-by-path, common-add-item-version-by-id. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Mcp Sitecore MCP server expose? +

153 tools across 4 categories: Destructive, Execute, Read, Write. 66 are read-only. 87 can modify, create, or delete data.

How do I add Intercept to my Mcp Sitecore setup? +

One line change. Instead of running the Mcp Sitecore server directly, prefix it with Intercept: intercept -c io-github-antonytm-mcp-sitecore-server.yaml -- npx -y @@antonytm/mcp-sitecore-server. Download a pre-built policy from policylayer.com/policies/io-github-antonytm-mcp-sitecore-server and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 310 tools
adminautomation
Aibtc 288 tools
adminautomation
Google Super 200 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
SmartBear MCP 147 tools
adminautomation
Slack 143 tools
adminautomation
Xdevplatform/xmcp 135 tools
adminautomation
policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

See what your agent can do
or control your agent now
npx -y @policylayer/intercept
Drop-in. No agent changes required.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.