// SCAN REPORT

Twenty MCP Server

29 tools. 11 can modify or destroy data without limits.

11 write tools that can modify data. Rate limits recommended.

Last updated: 11 Jun 2026

11 can modify or destroy data

18 read-only

29 tools total

Community server · catalogue entry verified 11/06/2026

How to control Twenty MCP Server ↓

TOOL MAP

What Twenty MCP Server exposes to your agents

Read (18) Write / Execute (11) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

High Risk

The most dangerous Twenty MCP Server tools

Write · Medium transfer_contact_to_company This tool modifies an existing CRM record by updating a contact's company association. Write · Medium create_comment This tool creates new comment data within CRM records, which is a reversible write operation. Write · Medium create_company This tool creates new data in a CRM system but does not irreversibly delete data, execute arbitrary code, or move money. Write · Medium create_contact This tool creates new records in the CRM, which is a reversible write operation.

11 of Twenty MCP Server's 29 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Twenty MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Twenty MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations

{
  "transfer_contact_to_company": {
    "limits": [
      {
        "counter": "transfer_contact_to_company_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "filter_activities": {
    "limits": [
      {
        "counter": "filter_activities_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Twenty MCP Server — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON TWENTY →

Free to start. No card required.

FULL CATALOGUE

All 29 Twenty MCP Server tools

WRITE 11 tools

Write transfer_contact_to_company Transfer a contact (person) from one company to another Write link_opportunity_to_company Link an opportunity to a company and/or point of contact Write create_comment Create a comment on any CRM record Write create_company Create a new company in Twenty CRM Write create_contact Create a new contact (person) in Twenty CRM Write create_note Create a new note in Twenty CRM Write create_opportunity Create a new opportunity/deal in Twenty CRM Write create_task Create a new task in Twenty CRM Write update_company Update an existing company in Twenty CRM Write update_contact Update an existing contact in Twenty CRM Write update_opportunity Update an existing opportunity in Twenty CRM

READ 18 tools

Read filter_activities Filter activities by specific criteria Read find_orphaned_records Find records that are missing important relationships (companies without contacts, contacts without companies, Read get_activities Get unified activities timeline from Twenty CRM (tasks, notes, etc.) Read get_company Retrieve a company by ID from Twenty CRM Read get_company_contacts Get all contacts (people) associated with a specific company Read get_contact Retrieve a contact by ID from Twenty CRM Read get_entity_activities Get all activities related to a specific entity (person, company, or opportunity) Read get_field_metadata Get detailed information about fields, either for a specific object or across all objects Read get_object_schema Get detailed schema information for a specific object including all fields and their types Read get_opportunity Retrieve an opportunity by ID from Twenty CRM Read get_person_opportunities Get all opportunities where a specific person is the point of contact Read get_relationship_summary Get a summary of all relationships for a specific entity (company or person) Read get_tasks Retrieve tasks from Twenty CRM Read list_all_objects List all objects (entities) available in Twenty CRM with their metadata Read list_opportunities_by_stage List all opportunities grouped by their sales stage (pipeline view) Read search_companies Search for companies in Twenty CRM Read search_contacts Search for contacts in Twenty CRM Read search_opportunities Search for opportunities in Twenty CRM with various filters

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about Twenty MCP Server

How do I prevent bulk modifications through Twenty MCP Server? +

The Twenty MCP Server server has 11 write tools including transfer_contact_to_company, link_opportunity_to_company, create_comment. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Twenty MCP Server.

How many tools does the Twenty MCP Server MCP server expose? +

29 tools across 3 categories: Financial, Read, Write. 18 are read-only. 11 can modify, create, or delete data.

How do I enforce a policy on Twenty MCP Server? +

Register the Twenty MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Twenty MCP Server tool call.

Deterministic rules across all 29 Twenty MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON TWENTY →

Free to start. No card required.

29 Twenty MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.