
Python MCP Policy

Enforce policies on every tool call to the Python MCP Server. 14 tools with suggested default rules ready to customise.


5 can modify or destroy data
9 read-only
14 tools total
Read (9), Write / Execute (3), Destructive / Financial (2)

This policy includes sensible default rules. Download it, adjust the limits to match your use case, and run with Intercept.

terminal

# Download policy with default rules
curl -o io-github-dave-london-pare-python.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/io-github-dave-london-pare-python.yaml

# Run with Intercept
intercept --policy io-github-dave-london-pare-python.yaml -- npx -y @paretools/python

This policy includes suggested default rules for common use cases. Adjust rate limits, add argument validation, or remove rules you don't need.

io-github-dave-london-pare-python.yaml
version: "1"
description: "Policy for @paretools/python"
# Set to "deny" to reject tool calls not listed below
default: "allow"

tools:
    # -- Destructive Tools ----------------------------------------
    # conda: Runs conda commands (list, info, env-list, create, remove, update) and returns structured JSON output.
    conda:
        rules:
          - action: deny
            on_deny: "Destructive operation blocked by policy"
    # poetry: Runs Poetry commands and returns structured output. Supports install, add, remove, show, build, update, lock, check, and export actions.
    poetry:
        rules:
          - action: deny
            on_deny: "Destructive operation blocked by policy"

    # -- Execute Tools ----------------------------------------
    # uv-run: Runs a command in a uv-managed environment and returns structured output.
    uv-run:
        rules:
          - action: allow
            rate_limit: 10/hour
            validate:
              required_args: true

    # -- Write Tools ----------------------------------------
    # pip-install: Runs pip install and returns a structured summary of installed packages. WARNING: may execute untrusted code.
    pip-install:
        rules:
          - action: allow
            rate_limit: 30/hour
    # uv-install: Runs uv pip install and returns a structured summary of installed packages. WARNING: may execute untrusted code.
    uv-install:
        rules:
          - action: allow
            rate_limit: 30/hour

    # -- Read Tools ----------------------------------------
    # black: Runs Black code formatter and returns structured results (files changed, unchanged, would reformat).
    black:
        rules:
          - action: allow
            rate_limit: 60/minute
    # mypy: Runs mypy and returns structured type-check diagnostics (file, line, severity, message, code).
    mypy:
        rules:
          - action: allow
            rate_limit: 60/minute
    # pip-audit: Runs pip-audit and returns a structured vulnerability report.
    pip-audit:
        rules:
          - action: allow
            rate_limit: 60/minute
    # pip-list: Runs pip list and returns a structured list of installed packages.
    pip-list:
        rules:
          - action: allow
            rate_limit: 60/minute
    # pip-show: Runs pip show and returns structured package metadata (name, version, summary, dependencies). Supports multiple packages in a single call.
    pip-show:
        rules:
          - action: allow
            rate_limit: 60/minute
    # pyenv: Manages Python versions via pyenv.
    pyenv:
        rules:
          - action: allow
            rate_limit: 60/minute
    # pytest: Runs pytest and returns structured test results (passed, failed, errors, skipped, failures).
    pytest:
        rules:
          - action: allow
            rate_limit: 60/minute
    # ruff-check: Runs ruff check and returns structured lint diagnostics (file, line, code, message).
    ruff-check:
        rules:
          - action: allow
            rate_limit: 60/minute
    # ruff-format: Runs ruff format and returns structured results (files changed, file list).
    ruff-format:
        rules:
          - action: allow
            rate_limit: 60/minute
Can an AI agent delete data through the Python MCP server?

Yes. The Python server exposes 2 destructive tools: conda and poetry. These can permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Python?

The Python server has 2 write tools: pip-install and uv-install. Set rate limits in your policy file; for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.
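To see how the rules above behave at enforcement time, here is an added Python evaluator that applies deny rules, required_args validation and N/hour or N/minute rate limits to a sequence of tool calls. It is not Intercept's code: the rule semantics, the first-rule-decides order and the hardened default: deny are my assumptions read from the policy and FAQ above, and the embedded policy is a constructed subset of the YAML.

```python
from collections import defaultdict, deque

# Constructed subset of the policy above, as a dict so no YAML parser is needed;
# the rule semantics below are my reading of the page, not Intercept's own code.
POLICY = {
    "default": "deny",  # hardened variant: tools not listed here are rejected
    "tools": {
        "conda": {"rules": [{"action": "deny",
                             "on_deny": "Destructive operation blocked by policy"}]},
        "uv-run": {"rules": [{"action": "allow", "rate_limit": "10/hour",
                              "validate": {"required_args": True}}]},
        "pip-list": {"rules": [{"action": "allow", "rate_limit": "60/minute"}]},
    },
}
WINDOW_SECONDS = {"minute": 60, "hour": 3600}


class PolicyEngine:
    """Evaluates tool calls against a policy with sliding-window rate limits."""

    def __init__(self, policy):
        self.policy = policy
        self.calls = defaultdict(deque)  # tool -> timestamps of allowed calls

    def evaluate(self, tool, args, now):
        """Return (allowed, reason) for one call to `tool` at unix time `now`."""
        spec = self.policy["tools"].get(tool)
        if spec is None:  # unlisted tool: fall back to the top-level default
            allowed = self.policy.get("default", "allow") == "allow"
            return allowed, "default " + ("allow" if allowed else "deny")
        rule = spec["rules"][0]  # assumption: the first rule decides
        if rule["action"] == "deny":
            return False, rule.get("on_deny", "denied by policy")
        if rule.get("validate", {}).get("required_args") and not args:
            return False, "missing required arguments"
        limit = rule.get("rate_limit")
        if limit:  # "N/minute" or "N/hour": count allowed calls inside the window
            count, unit = limit.split("/")
            recent = self.calls[tool]
            while recent and now - recent[0] >= WINDOW_SECONDS[unit]:
                recent.popleft()
            if len(recent) >= int(count):
                return False, f"rate limit {limit} exceeded"
            recent.append(now)
        return True, "allowed"
```

Denied calls do not consume rate-limit budget, so a burst of rejected attempts cannot lock out legitimate use later in the window.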

How many tools does the Python MCP server expose?

14 tools across 4 categories: Destructive, Execute, Read, Write. 9 are read-only. 5 can modify, create, or delete data.

How do I add Intercept to my Python setup?

One-line change. Instead of running the Python server directly, prefix it with Intercept: intercept -c io-github-dave-london-pare-python.yaml -- npx -y @paretools/python. Download a pre-built policy from policylayer.com/policies/io-github-dave-london-pare-python and adjust the limits to match your use case.

Enforce policies on Python

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →