// SCAN REPORT

Search

36 tools. 21 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

21 can modify or destroy data
15 read-only
36 tools total

Community server · catalogue entry verified 12/06/2026

How to control Search ↓

TOOL MAP

What Search exposes to your agents

Read (15) Write / Execute (19) Destructive / Financial (1)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous Search tools

Destructive · Medium browser_close_tab Closing a browser tab is an irreversible action that destroys the current tab's state, session, and any unsaved data within it. Execute · High browser_evaluate This tool enables code execution with side effects that depend entirely on the JavaScript payload supplied. Execute · Medium browser_navigate While navigation is less severe than clicking or evaluating scripts, it is still an Execute action because it triggers external operations (loading remote pages, executing their scripts, etc.) whose effects depend on the Execute · Medium browser_new_tab Opening a new tab is a browser action that initiates an external operation whose effects depend on subsequent arguments and user interaction.

21 of Search's 36 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Search

PolicyLayer is an MCP gateway — it sits between your AI agents and Search, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "browser_close_tab": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "create_directory": {
    "limits": [
      {
        "counter": "create_directory_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "browser_get_download_list": {
    "limits": [
      {
        "counter": "browser_get_download_list_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Search — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SEARCH →

Free to start. No card required.

FULL CATALOGUE

All 36 Search tools

DESTRUCTIVE 1 tools
Destructive browser_close_tab Close the current tab
EXECUTE 15 tools
Execute browser_evaluate Execute JavaScript in the browser console Execute browser_navigate Navigate to a URL Execute browser_new_tab Open a new tab Execute run_command Run a command on this Execute run_script Run a script on this Execute browser_go_back Go back to the previous page Execute browser_go_forward Go forward to the next page Execute browser_hover Hover an element on the page, Either Execute browser_click Click an element on the page, before using the tool, use Execute browser_form_input_fill Fill out an input field, before using the tool, Either Execute browser_press_key Press a key on the keyboard Execute browser_scroll Scroll the page Execute browser_select Select an element on the page with index, Either Execute browser_switch_tab Switch to a specific tab Execute browser_vision_screen_click Click left mouse button on the page with vision and snapshot, before calling this tool, you should call
WRITE 4 tools
Write create_directory Create a new directory or ensure a directory exists. Can create multiple Write edit_file Make line-based edits to a text file. Each edit replaces exact line sequences Write move_file Move or rename files and directories. Can move files between directories Write write_file Create a new file or completely overwrite an existing file with new content.
READ 15 tools
Read browser_get_download_list Get the list of downloaded files Read browser_get_markdown Get the markdown content of the current page Read browser_get_text Get the text content of the current page Read browser_read_links Get all links on the current page Read browser_screenshot Take a screenshot of the current page or a specific element Read browser_tab_list Get the list of tabs Read browser_vision_screen_capture Take a screenshot of the current page for vision mode Read directory_tree Get a recursive tree view of files and directories as a JSON structure. Read get_file_info Retrieve detailed metadata about a file or directory. Returns comprehensive Read list_allowed_directories Returns the list of directories that this server is allowed to access. Read list_directory Get a detailed listing of all files and directories in a specified path. Read read_file Read the complete contents of a file from the file system. Read read_multiple_files Read the contents of multiple files simultaneously. This is more Read search_files Recursively search for files and directories matching a pattern. Read web_search Search the web for information
OTHER 1 tools
Other test_tool Test tool
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
automation
Mcp Afip 1300 tools
automation
Mcp Ap2 1300 tools
automation
BNB Chain MCP 1240 tools
automation
Nodebench 824 tools
automation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
automation
Amazon Data Processing MCP Server 805 tools
automation
Amazon ECS MCP Server 805 tools
automation
FAQ

Questions about Search

Can an AI agent delete data through the Search MCP server? +

Yes. The Search server exposes 1 destructive tools including browser_close_tab. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Search? +

The Search server has 4 write tools including create_directory, edit_file, move_file. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Search.

How many tools does the Search MCP server expose? +

36 tools across 3 categories: Execute, Read, Write. 15 are read-only. 21 can modify, create, or delete data.

How do I enforce a policy on Search? +

Register the Search MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Search tool call.

Deterministic rules across all 36 Search tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON SEARCH →

Free to start. No card required.

36 Search tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.