// SCAN REPORT

Wavix

122 tools. 53 can modify or destroy data without limits.

15 destructive tools with no built-in limits. Policy required.

Last updated:

53 can modify or destroy data
69 read-only
122 tools total

53 Wavix tools can modify or destroy data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE WAVIX →

Free to start. No card required.

TOOL MAP

Read (69) Write / Execute (38) Destructive / Financial (15)

CONTEXT-WINDOW COST

24,917 tokens of tool definitions, loaded on every request
12% of a 200k context window
1,611 heaviest tool: api_keys_create

Full per-tool breakdown → Model it in the token calculator →

WHAT CAN GO WRONG

Destructive tools (api_keys_delete, call_control_delete, call_control_streams_delete) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (api_keys_activate, api_keys_create, call_control_create) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (call_control_audio_stop) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

RECOMMENDED RULES

Deny destructive operations
{
  "api_keys_delete": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "api_keys_activate": {
    "limits": [
      {
        "counter": "api_keys_activate_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "api_keys_deactivate": {
    "limits": [
      {
        "counter": "api_keys_deactivate_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Get this policy live on your own Wavix server in minutes. Tune the limits to your setup; PolicyLayer enforces it on every call.

ENFORCE ON MY WAVIX →

ALL 122 WAVIX TOOLS

DESTRUCTIVE 15 tools
Destructive api_keys_delete Destructive call_control_delete Destructive call_control_streams_delete Destructive call_recording_delete Destructive call_webhooks_delete Destructive cart_remove Destructive my_numbers_delete Destructive sip_trunks_delete Destructive sms_and_mms_sender_ids_delete Destructive ten_dlc_brand_campaigns_delete Destructive ten_dlc_brand_evidence_delete Destructive ten_dlc_brands_delete Destructive ten_dlc_subscriptions_delete Destructive two_fa_verification_cancel Destructive webrtc_tokens_delete
EXECUTE 1 tools
Execute call_control_audio_stop
WRITE 37 tools
Write api_keys_activate Write api_keys_create Write call_control_create Write call_control_streams_create Write call_control_update Write call_webhooks_create Write cart_add Write cart_checkout Write link_shortener_create Write my_numbers_destinations_update Write my_numbers_papers_upload Write my_numbers_sms_update Write my_numbers_update Write number_validator_create_bulk Write profile_update Write sip_trunks_create Write sip_trunks_update Write sms_and_mms_messages_send Write sms_and_mms_opt_outs_create Write sms_and_mms_sender_ids_create Write speech_analytics_create Write sub_accounts_create Write sub_accounts_update Write ten_dlc_brand_appeals_create Write ten_dlc_brand_campaigns_create Write ten_dlc_brand_campaigns_update Write ten_dlc_brand_evidence_upload Write ten_dlc_brand_vetting_appeals_create Write ten_dlc_brand_vettings_create Write ten_dlc_brand_vettings_import Write ten_dlc_brands_create Write ten_dlc_brands_update Write ten_dlc_subscriptions_create Write two_fa_verification_create Write voice_campaigns_create Write webrtc_tokens_create Write webrtc_tokens_update
READ 69 tools
Read api_keys_deactivate Read api_keys_list Read billing_invoices_download Read billing_invoices_list Read billing_transactions_list Read buy_cities_list Read buy_countries_list Read buy_numbers_list Read buy_region_cities_list Read buy_regions_list Read call_control_answer Read call_control_audio_play Read call_control_collect Read call_control_get Read call_control_list Read call_recording_get Read call_recording_list Read call_webhooks_list Read cart_get Read cdrs_get Read cdrs_list Read cdrs_list_all Read cdrs_retranscribe Read cdrs_search Read cdrs_transcription_get Read link_shortener_metrics_list Read my_numbers_get Read my_numbers_list Read number_validator_get Read number_validator_results_get Read profile_config_get Read profile_get Read sip_trunks_get Read sip_trunks_list Read sms_and_mms_messages_get Read sms_and_mms_messages_list Read sms_and_mms_messages_list_all Read sms_and_mms_opt_outs_list Read sms_and_mms_sender_ids_get Read sms_and_mms_sender_ids_list Read speech_analytics_file_get Read speech_analytics_get Read speech_analytics_retranscribe Read sub_accounts_get Read sub_accounts_list Read sub_accounts_transactions_list Read ten_dlc_brand_appeals_list Read ten_dlc_brand_campaigns_get Read ten_dlc_brand_campaigns_list Read ten_dlc_brand_evidence_get Read ten_dlc_brand_evidence_list Read ten_dlc_brand_usecase_qualify Read ten_dlc_brand_vetting_appeals_list Read ten_dlc_brand_vettings_list Read ten_dlc_brands_get Read ten_dlc_brands_list Read ten_dlc_campaign_numbers_link Read ten_dlc_campaign_numbers_list Read ten_dlc_campaign_numbers_unlink Read ten_dlc_campaigns_list Read ten_dlc_campaigns_nudge Read ten_dlc_subscriptions_list Read two_fa_events_list Read two_fa_sessions_list Read two_fa_verification_check Read two_fa_verification_resend Read voice_campaigns_get Read webrtc_tokens_get Read webrtc_tokens_list

FAQ

Can an AI agent delete data through the Wavix MCP server? +

Yes. The Wavix server exposes 15 destructive tools including api_keys_delete, call_control_delete, call_control_streams_delete. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Wavix? +

The Wavix server has 37 write tools including api_keys_activate, api_keys_create, call_control_create. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Wavix.

How many tools does the Wavix MCP server expose? +

122 tools across 4 categories: Destructive, Execute, Read, Write. 69 are read-only. 53 can modify, create, or delete data.

How do I enforce a policy on Wavix? +

Register the Wavix MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies for each. Same risk classification, live on your fleet in minutes.

Nodebench 724 tools
adminautomation
UnClick 451 tools
adminautomation
NowAIKit — ServiceNow AI Toolkit 446 tools
adminautomation
0nmcp 407 tools
adminautomation
ServiceNow MCP Server 384 tools
adminautomation
TheProtocol — Sovereign AI Agent Platform 380 tools
adminautomation
Aibtc 327 tools
adminautomation
Fusionauth 314 tools
adminautomation

Enforce policy on every Wavix tool call.

Deterministic rules across all 122 Wavix tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE WAVIX →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.