6 tools. 1 can modify or destroy data without limits.
1 write tool that can modify data. Rate limits recommended.
Last updated:
Execute tools (build_search_query) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.
graphql_get_content_type_schema:
rules:
- rate_limit: 60/minute Controls API costs and prevents retry loops from exhausting upstream rate limits.
The Contentful GraphQL Server server is primarily read-only with 5 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.
6 tools across 2 categories: Execute, Read. 5 are read-only. 1 can modify, create, or delete data.
One line change. Instead of running the Contentful GraphQL Server server directly, prefix it with Intercept: intercept -c ivo-toby-contentful-mcp-graphql.yaml -- npx -y @ivo-toby/contentful-mcp-graphql. Download a pre-built policy from policylayer.com/policies/ivo-toby-contentful-mcp-graphql and adjust the limits to match your use case.
Starter policies available for each. Same risk classification, same one-command setup.
Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.