Universal Dev MCP

55 tools. 28 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

28 can modify or destroy data
27 read-only
55 tools total

Community server · catalogue entry verified 30/06/2026

How to control Universal Dev MCP ↓

What Universal Dev MCP exposes to your agents

Read (27) Write / Execute (27) Destructive / Financial (1)
Critical Risk

The most dangerous Universal Dev MCP tools

28 of Universal Dev MCP's 55 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Universal Dev MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and Universal Dev MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "deregister_project": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "browser_close": {
    "limits": [
      {
        "counter": "browser_close_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "browser_get_content": {
    "limits": [
      {
        "counter": "browser_get_content_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Universal Dev MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON UNIVERSAL DEV →

Instant setup, no code required.

All 55 Universal Dev MCP tools

READ 27 tools
Read browser_get_content Current page ka text content lo (first 8000 chars) Read browser_get_element Page par specific element dhundho aur uska content lo Read browser_screenshot Browser ka screenshot lo Read debug_memory_list Debug memory list (user_id based) Read decision_memory_search Decision memory search (keyword overlap) (user_id based) Read desktop_get_windows Saari open windows ki list lo Read desktop_screenshot Desktop ka screenshot lo (GNOME Wayland/XWayland) Read docker_logs Docker container logs padhna Read docker_ps Docker containers list karo Read env_read .env file safely padhna (secrets masked) Read file_list Directory contents dekhna Read file_read Koi bhi file padhna Read file_search Project mein text search karna Read generate_plan Request ke basis par tool-use plan generate karta hai (uses memories) Read get_activity_log Saare developers ki activity log dekho — kaun, kab, kya kiya (branch aur time filter supported) Read git_status Git status, log, diff dekhna Read list_projects Saare registered projects aur unka active status dekho Read log_tail Kisi bhi log file ke last N lines padhna Read memory_get Pehle save ki gayi memory padhna Read memory_list Sari saved memories dekhna Read my_activity Meri apni activity dekho — is session ke developer ki sari actions Read port_check Kaun sa port chal raha hai check karo Read project_context Current project info load karo (framework, config, active path) Read project_memory_get Project memory get (user_id based) Read project_memory_list Project memory list (user_id based) Read semantic_memory_search Semantic memory search (keyword overlap) (user_id based) Read verify_session OTP verify karo — pehle ye tool use karo. developer_name optional hai — activity log mein aapka naam aayega.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Universal Dev MCP

Can an AI agent delete data through the Universal Dev MCP server? +

Yes. The Universal Dev MCP server exposes 1 destructive tools including deregister_project. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Universal Dev MCP? +

The Universal Dev MCP server has 12 write tools including browser_close, browser_save_session, confirm_framework. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Universal Dev MCP.

How many tools does the Universal Dev MCP server expose? +

55 tools across 4 categories: Destructive, Execute, Read, Write. 27 are read-only. 28 can modify, create, or delete data.

How do I enforce a policy on Universal Dev MCP? +

Register the Universal Dev MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Universal Dev MCP tool call.

Deterministic rules across all 55 Universal Dev MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

55 Universal Dev MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.