// SCAN REPORT

Preflight Ios

82 tools. 59 can modify or destroy data without limits.

7 destructive tools with no built-in limits. Policy required.

Last updated:

59 can modify or destroy data
23 read-only
82 tools total
// TOOL MAP
Read (23) Write / Execute (52) Destructive / Financial (7)
// WHAT CAN GO WRONG

Destructive tools (simulator_delete_device, simulator_erase, simulator_grant_permission) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (simulator_add_media, simulator_boot, simulator_clone_device) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (simulator_biometric, simulator_icloud_sync, simulator_launch_app) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and Preflight Ios. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @preflight-ios-mcp
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Deny destructive operations
simulator_delete_device:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
simulator_add_media:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
simulator_accessibility_audit:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 82 PREFLIGHT IOS TOOLS
DESTRUCTIVE 7 tools
Destructive simulator_delete_device Destructive simulator_erase Destructive simulator_grant_permission Destructive simulator_keychain Destructive simulator_storekit_delete_transactions Destructive simulator_storekit_reset_eligibility Destructive simulator_uninstall_app
EXECUTE 11 tools
Execute simulator_biometric Execute simulator_icloud_sync Execute simulator_launch_app Execute simulator_location_scenario Execute simulator_memory_warning Execute simulator_navigate_back Execute simulator_record_video Execute simulator_stop_recording Execute simulator_stream_logs Execute simulator_trigger_siri Execute simulator_wait_for_element
WRITE 41 tools
Write simulator_add_media Write simulator_boot Write simulator_clone_device Write simulator_create_device Write simulator_defaults_write Write simulator_diagnose Write simulator_element_exists Write simulator_install_app Write simulator_install_app_data Write simulator_location_route Write simulator_long_press Write simulator_network_capture Write simulator_network_condition Write simulator_notify_post Write simulator_open_simulator Write simulator_open_url Write simulator_press_key Write simulator_rename_device Write simulator_rotate Write simulator_sample_process Write simulator_send_push Write simulator_set_appearance Write simulator_set_bold_text Write simulator_set_clipboard Write simulator_set_content_size Write simulator_set_increase_contrast Write simulator_set_locale Write simulator_set_location Write simulator_set_reduce_motion Write simulator_set_reduce_transparency Write simulator_set_smart_invert Write simulator_shutdown Write simulator_storekit_config Write simulator_storekit_manage_subscription Write simulator_storekit_manage_transaction Write simulator_swipe Write simulator_tap Write simulator_terminate_app Write simulator_thermal_state Write simulator_type_text Write simulator_verbose_logging
READ 23 tools
Read simulator_accessibility_audit Read simulator_app_info Read simulator_defaults_read Read simulator_describe_point Read simulator_get_app_container Read simulator_get_booted_sim_id Read simulator_get_clipboard Read simulator_get_crash_logs Read simulator_get_env Read simulator_get_logs Read simulator_get_screen_info Read simulator_heap_info Read simulator_leak_check Read simulator_list_app_files Read simulator_list_apps Read simulator_list_devices Read simulator_network_status Read simulator_override_status_bar Read simulator_read_app_file Read simulator_screenshot Read simulator_snapshot Read simulator_storekit_transactions Read simulator_vmmap
// FAQ
Can an AI agent delete data through the Preflight Ios MCP server? +

Yes. The Preflight Ios server exposes 7 destructive tools including simulator_delete_device, simulator_erase, simulator_grant_permission. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Preflight Ios? +

The Preflight Ios server has 41 write tools including simulator_add_media, simulator_boot, simulator_clone_device. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Preflight Ios MCP server expose? +

82 tools across 4 categories: Destructive, Execute, Read, Write. 23 are read-only. 59 can modify, create, or delete data.

How do I add Intercept to my Preflight Ios setup? +

One line change. Instead of running the Preflight Ios server directly, prefix it with Intercept: intercept -c io-github-ethanackerman-git-preflight-ios-mcp.yaml -- npx -y @preflight-ios-mcp. Download a pre-built policy from policylayer.com/policies/io-github-ethanackerman-git-preflight-ios-mcp and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 310 tools
adminautomation
Aibtc 288 tools
adminautomation
Google Super 200 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Mcp Sitecore 153 tools
adminautomation
SmartBear MCP 147 tools
adminautomation
Slack 143 tools
adminautomation
policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

See what your agent can do
or control your agent now
npx -y @policylayer/intercept
Drop-in. No agent changes required.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.