// SCAN REPORT

Vscode

12 tools. 6 can modify or destroy data without limits.

6 write tools that can modify data. Rate limits recommended.

Last updated:

6 can modify or destroy data
6 read-only
12 tools total

Community server · catalogue entry verified 10/06/2026

How to control Vscode ↓

TOOL MAP

What Vscode exposes to your agents

Read (6) Write / Execute (6) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
High Risk

The most dangerous Vscode tools

Execute · Critical execute_shell_command_code This tool allows execution of arbitrary shell commands with side effects determined entirely by the arguments provided. Write · Medium copy_file_code Copying a file is a reversible Write operation—it creates new data but does not delete or permanently alter the original. Write · High create_file_code This tool performs reversible write operations on the file system. Write · Medium move_file_code Moving a file modifies filesystem metadata and is reversible (the file can be moved back).

6 of Vscode's 12 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Vscode

PolicyLayer is an MCP gateway — it sits between your AI agents and Vscode, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "copy_file_code": {
    "limits": [
      {
        "counter": "copy_file_code_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_diagnostics_code": {
    "limits": [
      {
        "counter": "get_diagnostics_code_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Vscode — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON VSCODE →

Free to start. No card required.

FULL CATALOGUE

All 12 Vscode tools

EXECUTE 1 tools
Execute execute_shell_command_code Executes shell commands in VS Code integrated terminal. WHEN TO USE: Running CLI commands, builds, gi
WRITE 5 tools
Write copy_file_code Copies a file to a new location. WHEN TO USE: Creating backups, duplicating files for testing, creati Write create_file_code Creates new files or completely rewrites existing files. WHEN TO USE: New files, large modifications Write move_file_code Moves a file or directory to a new location using VS Code Write rename_file_code Renames a file or directory using VS Code Write replace_lines_code Replaces specific lines in existing files with exact content validation. WHEN TO USE: Modifications ≤
READ 6 tools
Read get_diagnostics_code CRITICAL: Run this after EVERY series of code changes to check for errors before completing tasks. An Read get_document_symbols_code Gets complete symbol outline for a file showing hierarchical structure and line numbers. WHEN TO USE: Read get_symbol_definition_code Gets definition information for a symbol using hover data (type, docs, source). WHEN TO USE: Understa Read list_files_code Explores directory structure in VS Code workspace. WHEN TO USE: Understanding project structure, find Read read_file_code Retrieves file contents with size limits and partial reading support. WHEN TO USE: Reading code, conf Read search_symbols_code Searches for symbols (functions, classes, variables) across workspace using fuzzy matching. WHEN TO U
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
automation
Mcp Afip 1300 tools
automation
Mcp Ap2 1300 tools
automation
BNB Chain MCP 1240 tools
automation
Nodebench 824 tools
automation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
automation
Amazon Data Processing MCP Server 805 tools
automation
Amazon ECS MCP Server 805 tools
automation
FAQ

Questions about Vscode

How do I prevent bulk modifications through Vscode? +

The Vscode server has 5 write tools including copy_file_code, create_file_code, move_file_code. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Vscode.

How many tools does the Vscode MCP server expose? +

12 tools across 3 categories: Execute, Read, Write. 6 are read-only. 6 can modify, create, or delete data.

How do I enforce a policy on Vscode? +

Register the Vscode MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Vscode tool call.

Deterministic rules across all 12 Vscode tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON VSCODE →

Free to start. No card required.

12 Vscode tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.