// SCAN REPORT

Attio

57 tools. 30 can modify or destroy data without limits.

6 destructive tools with no built-in limits. Policy required.

Last updated:

30 can modify or destroy data
27 read-only
57 tools total

Community server · catalogue entry verified 12/06/2026

How to control Attio ↓

TOOL MAP

What Attio exposes to your agents

Read (27) Write / Execute (24) Destructive / Financial (6)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous Attio tools

Destructive · High deletev2notesbynoteid This tool permanently removes data (a note) from the system with no undo capability. Destructive · High deletev2tasksbytaskid This tool irreversibly deletes task records. Destructive · High deletev2webhooksbywebhookid Webhooks are critical infrastructure components for integrating external systems. Destructive · High deletev2commentsbycommentid This tool irreversibly deletes comments and, critically, can cascade-delete entire comment threads if the head comment is targeted.

30 of Attio's 57 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Attio

PolicyLayer is an MCP gateway — it sits between your AI agents and Attio, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "deletev2notesbynoteid": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "patchv2attributesbyattribute": {
    "limits": [
      {
        "counter": "patchv2attributesbyattribute_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "getv2attributes": {
    "limits": [
      {
        "counter": "getv2attributes_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Attio — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ATTIO →

Free to start. No card required.

FULL CATALOGUE

All 57 Attio tools

DESTRUCTIVE 6 tools
Destructive deletev2notesbynoteid Delete a single note by ID. Required scopes: \ Destructive deletev2tasksbytaskid Delete a task by ID. Required scopes: \ Destructive deletev2webhooksbywebhookid Delete a webhook by ID. Required scopes: \ Destructive deletev2commentsbycommentid Deletes a comment by ID. If deleting a comment at the head of a thread, all messages in the thread are also de Destructive deletev2listsentriesbyentryid Deletes a single list entry by its \ Destructive deletev2objectsrecordsbyrecordid Deletes a single record (e.g. a company or person) by ID. Required scopes: \
WRITE 24 tools
Write patchv2attributesbyattribute Updates a single attribute on a given object or list. Required scopes: \ Write patchv2attributesoptionsbyoption Updates a select option on an attribute on either an object or a list. Required scopes: \ Write patchv2listsbylist Updates an existing list. Permissions for the list are controlled with the \ Write patchv2objectsbyobject Updates a single object. The object to be updated is identified by its \ Write patchv2tasksbytaskid Updates an existing task by \ Write postv2attributesoptions Adds a select option to a select attribute on an object or a list. Required scopes: \ Write postv2listsentries Adds a record to a list as a new list entry. This endpoint will throw on conflicts of unique attributes. Multi Write postv2notes Creates a new note for a given record. Required scopes: \ Write postv2objects Creates a new custom object in your workspace. Required scopes: \ Write postv2tasks Creates a new task. At present, tasks can only be created from plaintext without record reference formatting. Write patchv2attributesstatusesbystatus Update a status on an status attribute on either an object or a list. Required scopes: \ Write patchv2listsentriesbyentryid Use this endpoint to update list entries by \ Write patchv2objectsrecordsbyrecordid Use this endpoint to update people, companies, and other records by \ Write patchv2webhooksbywebhookid Update a webhook and associated subscriptions. Required scopes: \ Write postv2attributes Creates a new attribute on either an object or a list. To create an attribute on an object, you must also hav Write postv2attributesstatuses Add a new status to a status attribute on either an object or a list. Required scopes: \ Write postv2comments Creates a new comment related to an existing thread, record or entry. To create comments on records, you will Write postv2lists Creates a new list. Once you have your list, add attributes to it using the [Create attribute](/rest-api/endp Write postv2objectsrecords Creates a new person, company or other record. This endpoint will throw on conflicts of unique attributes. If Write postv2webhooks Create a webhook and associated subscriptions. Required scopes: \ Write putv2listsentries Use this endpoint to create or update a list entry for a given parent record. If an entry with the specified p Write putv2listsentriesbyentryid Use this endpoint to update list entries by \ Write putv2objectsrecords Use this endpoint to create or update people, companies and other records. A matching attribute is used to sea Write putv2objectsrecordsbyrecordid Use this endpoint to update people, companies, and other records by \
READ 27 tools
Read getv2attributes Lists all attributes defined on a specific object or list. Attributes are returned in the order that they are Read getv2attributesbyattribute Gets information about a single attribute on either an object or a list. Required scopes: \ Read getv2attributesoptions Lists all select options for a particular attribute on either an object or a list. Required scopes: \ Read getv2attributesstatuses Lists all statuses for a particular status attribute on either an object or a list. Required scopes: \ Read getv2commentsbycommentid Get a single comment by ID. To view comments on records, you will need the \ Read getv2lists List all lists that your access token has access to. lists are returned in the order that they are sorted in t Read getv2listsbylist Gets a single list in your workspace that your access token has access to. Required scopes: \ Read getv2listsentriesattributesvalues Gets all values for a given attribute on a list entry. If the attribute is historic, this endpoint has the abi Read getv2listsentriesbyentryid Gets a single list entry by its \ Read getv2notes List notes for all records or for a specific record. Required scopes: \ Read getv2notesbynoteid Get a single note by ID. Required scopes: \ Read getv2objects Lists all system-defined and user-defined objects in your workspace. Required scopes: \ Read getv2objectsbyobject Gets a single object by its \ Read getv2objectsrecordsattributesvalues Gets all values for a given attribute on a record. If the attribute is historic, this endpoint has the ability Read getv2objectsrecordsbyrecordid Gets a single person, company or other record by its \ Read getv2objectsrecordsentries List all entries, across all lists, for which this record is the parent. Required scopes: \ Read getv2self Identify the current access token, the workspace it is linked to, and any permissions it has. Read getv2tasks List all tasks. Results are sorted by creation date, from oldest to newest. Required scopes: \ Read getv2tasksbytaskid Get a single task by ID. Required scopes: \ Read getv2threads List threads of comments on a record or list entry. To view threads on records, you will need the \ Read getv2threadsbythreadid Get all comments in a thread. To view threads on records, you will need the \ Read getv2webhooks Get all of the webhooks in your workspace. Required scopes: \ Read getv2webhooksbywebhookid Get a single webhook. Required scopes: \ Read getv2workspacemembers Lists all workspace members in the workspace. Required scopes: \ Read getv2workspacemembersbyworkspacememberid Gets a single workspace member by ID. Required scopes: \ Read postv2listsentriesquery Lists entries in a given list, with the option to filter and sort results. Required scopes: \ Read postv2objectsrecordsquery Lists people, company or other records, with the option to filter and sort results. Required scopes: \
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
admin
Mcp Afip 1300 tools
admin
Mcp Ap2 1300 tools
admin
BNB Chain MCP 1240 tools
admin
Nodebench 824 tools
admin
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
admin
Amazon Data Processing MCP Server 805 tools
admin
Amazon ECS MCP Server 805 tools
admin
FAQ

Questions about Attio

Can an AI agent delete data through the Attio MCP server? +

Yes. The Attio server exposes 6 destructive tools including deletev2notesbynoteid, deletev2tasksbytaskid, deletev2webhooksbywebhookid. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Attio? +

The Attio server has 24 write tools including patchv2attributesbyattribute, patchv2attributesoptionsbyoption, patchv2listsbylist. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Attio.

How many tools does the Attio MCP server expose? +

57 tools across 3 categories: Destructive, Read, Write. 27 are read-only. 30 can modify, create, or delete data.

How do I enforce a policy on Attio? +

Register the Attio MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Attio tool call.

Deterministic rules across all 57 Attio tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON ATTIO →

Free to start. No card required.

57 Attio tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.