// SCAN REPORT

Mcp Asc

69 tools. 17 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

17 can modify or destroy data
52 read-only
69 tools total

17 Mcp Asc tools can modify or destroy data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE MCP ASC →

Free to start. No card required.

TOOL MAP

Read (52) Write / Execute (16) Destructive / Financial (1)

WHAT CAN GO WRONG

Destructive tools (remove-beta-testers-from-group) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (add-beta-testers-to-group, create-app-store-version, create-customer-review-response) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

RECOMMENDED RULES

Deny destructive operations
{
  "remove-beta-testers-from-group": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add-beta-testers-to-group": {
    "limits": [
      {
        "counter": "add-beta-testers-to-group_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "download-finance-report": {
    "limits": [
      {
        "counter": "download-finance-report_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Get this policy live on your own Mcp Asc server in minutes. Tune the limits to your setup; PolicyLayer enforces it on every call.

ENFORCE ON MY MCP ASC →

ALL 69 MCP ASC TOOLS

DESTRUCTIVE 1 tools
Destructive remove-beta-testers-from-group
WRITE 16 tools
Write add-beta-testers-to-group Write create-app-store-version Write create-customer-review-response Write create-phased-release Write create-subscription Write create-subscription-availability Write create-subscription-group Write create-subscription-localization Write create-subscription-price Write submit-for-review Write update-age-rating-declaration Write update-app-store-review-detail Write update-app-store-version Write update-app-store-version-localization Write update-beta-license-agreement Write update-eula
READ 52 tools
Read download-finance-report Read download-sales-report Read get-actor Read get-app Read get-app-availability Read get-app-info Read get-app-store-review-detail Read get-app-store-version Read get-beta-group Read get-beta-license-agreement Read get-beta-tester Read get-build Read get-bundle-id Read get-certificate Read get-device Read get-eula Read get-phased-release Read get-pre-release-version Read get-review-submission Read get-subscription Read get-user Read list-actors Read list-app-categories Read list-app-encryption-declarations Read list-app-infos Read list-app-store-version-localizations Read list-app-store-versions Read list-apps Read list-beta-app-localizations Read list-beta-app-review-details Read list-beta-app-review-submissions Read list-beta-groups Read list-beta-license-agreements Read list-beta-testers Read list-build-beta-details Read list-builds Read list-bundle-ids Read list-certificates Read list-ci-products Read list-customer-reviews Read list-devices Read list-nominations Read list-pre-release-versions Read list-profiles Read list-review-submissions Read list-schemes Read list-subscription-group-subscriptions Read list-subscription-groups Read list-subscription-price-points Read list-territories Read list-user-invitations Read list-users

FAQ

Can an AI agent delete data through the Mcp Asc MCP server? +

Yes. The Mcp Asc server exposes 1 destructive tools including remove-beta-testers-from-group. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Mcp Asc? +

The Mcp Asc server has 16 write tools including add-beta-testers-to-group, create-app-store-version, create-customer-review-response. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Mcp Asc.

How many tools does the Mcp Asc MCP server expose? +

69 tools across 3 categories: Destructive, Read, Write. 52 are read-only. 17 can modify, create, or delete data.

How do I enforce a policy on Mcp Asc? +

Register the Mcp Asc MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

Nodebench 724 tools
admin
AdButler 622 tools
admin
UnClick 451 tools
admin
NowAIKit — ServiceNow AI Toolkit 446 tools
admin
0nmcp 407 tools
admin
ServiceNow MCP Server 384 tools
admin
TheProtocol — Sovereign AI Agent Platform 380 tools
admin
Aibtc 327 tools
admin

Enforce policy on every Mcp Asc tool call.

Deterministic rules across all 69 Mcp Asc tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE MCP ASC →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.