Enforce policies on every tool call to the Indigo MCP Server. 59 tools with suggested default rules ready to customise.
Last updated:
This policy includes sensible default rules. Download it, adjust the limits to match your use case, and run with Intercept.
# Download policy with default rules
curl -o io-github-indigoprotocol-indigo-mcp.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/io-github-indigoprotocol-indigo-mcp.yaml # Run with Intercept
intercept --policy io-github-indigoprotocol-indigo-mcp.yaml -- npx -y @@indigoprotocol/indigo-mcp Server documentation: https://github.com/IndigoProtocol/indigo-mcp
This policy includes suggested default rules for common use cases. Adjust rate limits, add argument validation, or remove rules you don't need.
version: "1" description: "Policy for @indigoprotocol/indigo-mcp" # Set to "deny" to reject tool calls not listed below default: "allow" tools: # -- Financial Tools ---------------------------------------- # deposit_cdp: Deposit additional collateral into a CDP — builds an unsigned transaction (CBOR hex) for client-side signing deposit_cdp: rules: - action: deny on_deny: "Financial operation requires approval" # withdraw_cdp: Withdraw collateral from a CDP — builds an unsigned transaction (CBOR hex) for client-side signing withdraw_cdp: rules: - action: deny on_deny: "Financial operation requires approval" # -- Destructive Tools ---------------------------------------- # adjust_staking_position: Adjust an existing INDY staking position (add or remove INDY). Returns an unsigned transaction (CBOR hex) for client-side signing. adjust_staking_position: rules: - action: deny on_deny: "Destructive operation blocked by policy" # annul_sp_request: Cancel a pending stability pool request. Returns an unsigned transaction (CBOR hex) for client-side signing. annul_sp_request: rules: - action: deny on_deny: "Destructive operation blocked by policy" # cancel_rob: Cancel an existing ROB position. Returns an unsigned transaction (CBOR hex) for client-side signing. cancel_rob: rules: - action: deny on_deny: "Destructive operation blocked by policy" # -- Write Tools ---------------------------------------- # adjust_rob: Adjust ADA amount in an ROB position (positive to increase, negative to decrease). Optionally update the max price. Returns an unsigned transaction (CBOR hex) for client-side signing. adjust_rob: rules: - action: allow rate_limit: 30/hour # close_cdp: Close a CDP and reclaim collateral — builds an unsigned transaction (CBOR hex) for client-side signing close_cdp: rules: - action: allow rate_limit: 30/hour # close_sp_account: Close a stability pool account and withdraw all deposited iAssets. Returns an unsigned transaction (CBOR hex) for client-side signing. close_sp_account: rules: - action: allow rate_limit: 30/hour # close_staking_position: Close an INDY staking position and unstake all INDY. Returns an unsigned transaction (CBOR hex) for client-side signing. close_staking_position: rules: - action: allow rate_limit: 30/hour # create_sp_account: Create a new stability pool account by depositing iAssets. Returns an unsigned transaction (CBOR hex) for client-side signing. create_sp_account: rules: - action: allow rate_limit: 30/hour # merge_cdps: Merge multiple CDPs into one — builds an unsigned transaction (CBOR hex) for client-side signing merge_cdps: rules: - action: allow rate_limit: 30/hour # open_cdp: Open a new CDP position — builds an unsigned transaction (CBOR hex) for client-side signing open_cdp: rules: - action: allow rate_limit: 30/hour # open_rob: Open a new ROB (Redemption Order Book) position with ADA and a max price limit. Returns an unsigned transaction (CBOR hex) for client-side signing. open_rob: rules: - action: allow rate_limit: 30/hour # open_staking_position: Stake INDY tokens by creating a new staking position. Returns an unsigned transaction (CBOR hex) for client-side signing. open_staking_position: rules: - action: allow rate_limit: 30/hour # -- Read Tools ---------------------------------------- # adjust_sp_account: Deposit to or withdraw from an existing stability pool account. Positive amount deposits, negative withdraws. Returns an unsigned transaction (CBOR hex) for client-side signing. adjust_sp_account: rules: - action: allow rate_limit: 60/minute # analyze_cdp_health: Analyze health and collateral ratios of CDPs for an owner analyze_cdp_health: rules: - action: allow rate_limit: 60/minute # burn_cdp: Burn iAssets to reduce CDP debt — builds an unsigned transaction (CBOR hex) for client-side signing burn_cdp: rules: - action: allow rate_limit: 60/minute # claim_rob: Claim received iAssets from an ROB position. Returns an unsigned transaction (CBOR hex) for client-side signing. claim_rob: rules: - action: allow rate_limit: 60/minute # distribute_staking_rewards: Distribute collected ADA rewards from collector UTxOs to staking positions. This is a protocol maintenance operation that anyone can call. Returns an unsigned transaction (CBOR hex) for client-side signing. distribute_staking_rewards: rules: - action: allow rate_limit: 60/minute # freeze_cdp: Freeze a CDP to prevent further operations until unfrozen — builds an unsigned transaction (CBOR hex) for client-side signing freeze_cdp: rules: - action: allow rate_limit: 60/minute # get_ada_price: Get the current ADA price in USD get_ada_price: rules: - action: allow rate_limit: 60/minute # get_all_cdps: Get all CDPs/loans, optionally filtered by iAsset get_all_cdps: rules: - action: allow rate_limit: 60/minute # get_apr_by_key: Get APR for a specific key get_apr_by_key: rules: - action: allow rate_limit: 60/minute # get_apr_rewards: Get all APR reward records get_apr_rewards: rules: - action: allow rate_limit: 60/minute # get_asset: Get details for a specific Indigo iAsset get_asset: rules: - action: allow rate_limit: 60/minute # get_asset_price: Get the current price for a specific Indigo iAsset get_asset_price: rules: - action: allow rate_limit: 60/minute # get_assets: Get all Indigo iAssets with prices and interest data get_assets: rules: - action: allow rate_limit: 60/minute # get_blockfrost_balances: Get token balances for a Cardano address via Blockfrost get_blockfrost_balances: rules: - action: allow rate_limit: 60/minute # get_cdps_by_address: Get all CDPs/loans for a specific Cardano address get_cdps_by_address: rules: - action: allow rate_limit: 60/minute # get_cdps_by_owner: Get all CDPs/loans for a specific owner (accepts payment key hash or bech32 address) get_cdps_by_owner: rules: - action: allow rate_limit: 60/minute # get_collector_utxos: Get collector UTXOs for fee distribution get_collector_utxos: rules: - action: allow rate_limit: 60/minute # get_dex_yields: Get DEX farm yields for iAsset pairs get_dex_yields: rules: - action: allow rate_limit: 60/minute # get_indy_price: Get the current INDY token price in ADA and USD get_indy_price: rules: - action: allow rate_limit: 60/minute # get_iris_liquidity_pools: Get liquidity pools from Iris, optionally filtered by tokens or DEX get_iris_liquidity_pools: rules: - action: allow rate_limit: 60/minute # get_order_book: Get open limited redemption positions from the order book, optionally filtered by asset or owners get_order_book: rules: - action: allow rate_limit: 60/minute # get_polls: Get all governance polls get_polls: rules: - action: allow rate_limit: 60/minute # get_protocol_params: Get latest governance protocol parameters get_protocol_params: rules: - action: allow rate_limit: 60/minute # get_protocol_stats: Get aggregated protocol statistics get_protocol_stats: rules: - action: allow rate_limit: 60/minute # get_redemption_orders: Get redemption orders, optionally filtered by timestamp or price range get_redemption_orders: rules: - action: allow rate_limit: 60/minute # get_redemption_queue: Get aggregated redemption queue for a specific iAsset, sorted by max price ascending get_redemption_queue: rules: - action: allow rate_limit: 60/minute # get_sp_account_by_owner: Get stability pool accounts for specific owners (accepts payment key hashes or bech32 addresses) get_sp_account_by_owner: rules: - action: allow rate_limit: 60/minute # get_stability_pool_accounts: Get all open stability pool accounts, optionally filtered by iAsset get_stability_pool_accounts: rules: - action: allow rate_limit: 60/minute # get_stability_pools: Get the latest stability pool state for each iAsset (snapshotP, snapshotD, snapshotS, epoch, scale) get_stability_pools: rules: - action: allow rate_limit: 60/minute # get_staking_info: Get the current INDY staking manager state (slot, outputHash, totalStake, snapshotAda) get_staking_info: rules: - action: allow rate_limit: 60/minute # get_staking_position_by_address: Get INDY staking positions for a single Cardano address get_staking_position_by_address: rules: - action: allow rate_limit: 60/minute # get_staking_positions: Get all open INDY staking positions get_staking_positions: rules: - action: allow rate_limit: 60/minute # get_staking_positions_by_owner: Get INDY staking positions for specific owners (accepts payment key hashes or bech32 addresses) get_staking_positions_by_owner: rules: - action: allow rate_limit: 60/minute # get_steelswap_estimate: Get a swap estimate from Steelswap DEX get_steelswap_estimate: rules: - action: allow rate_limit: 60/minute # get_steelswap_tokens: Get all tokens available on Steelswap DEX get_steelswap_tokens: rules: - action: allow rate_limit: 60/minute # get_temperature_checks: Get temperature check polls get_temperature_checks: rules: - action: allow rate_limit: 60/minute # get_tvl: Get historical TVL data from DefiLlama get_tvl: rules: - action: allow rate_limit: 60/minute # leverage_cdp: Open a leveraged CDP by redeeming against ROB positions — builds an unsigned transaction (CBOR hex) for client-side signing leverage_cdp: rules: - action: allow rate_limit: 60/minute # liquidate_cdp: Liquidate an undercollateralized CDP through the stability pool — builds an unsigned transaction (CBOR hex) for client-side signing liquidate_cdp: rules: - action: allow rate_limit: 60/minute # mint_cdp: Mint additional iAssets from an existing CDP (increases debt) — builds an unsigned transaction (CBOR hex) for client-side signing mint_cdp: rules: - action: allow rate_limit: 60/minute # process_sp_request: Process a pending stability pool request (protocol maintenance operation). Returns an unsigned transaction (CBOR hex) for client-side signing. process_sp_request: rules: - action: allow rate_limit: 60/minute # redeem_cdp: Redeem iAssets from a CDP — builds an unsigned transaction (CBOR hex) for client-side signing. To redeem the maximum possible, pass the total minted amount. redeem_cdp: rules: - action: allow rate_limit: 60/minute # redeem_rob: Redeem iAssets against one or more ROB positions. Returns an unsigned transaction (CBOR hex) for client-side signing. redeem_rob: rules: - action: allow rate_limit: 60/minute # retrieve_from_ipfs: Retrieve content from IPFS by CID retrieve_from_ipfs: rules: - action: allow rate_limit: 60/minute # store_on_ipfs: Store text content on IPFS store_on_ipfs: rules: - action: allow rate_limit: 60/minute
Yes. The Indigo server exposes 2 financial tools including deposit_cdp, withdraw_cdp. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. Intercept lets you block financial tools by default or set per-tool rate limits.
Yes. The Indigo server exposes 3 destructive tools including adjust_staking_position, annul_sp_request, cancel_rob. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.
The Indigo server has 9 write tools including adjust_rob, close_cdp, close_sp_account. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.
59 tools across 4 categories: Destructive, Financial, Read, Write. 45 are read-only. 14 can modify, create, or delete data.
One line change. Instead of running the Indigo server directly, prefix it with Intercept: intercept -c io-github-indigoprotocol-indigo-mcp.yaml -- npx -y @@indigoprotocol/indigo-mcp. Download a pre-built policy from policylayer.com/policies/io-github-indigoprotocol-indigo-mcp and adjust the limits to match your use case.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept