DevFlow MCP Server

64 tools. 25 can modify or destroy data without limits.

2 destructive tools with no built-in limits. Policy required.

Last updated:

25 can modify or destroy data
39 read-only
64 tools total

Community server · catalogue entry verified 30/06/2026

How to control DevFlow MCP Server ↓

What DevFlow MCP Server exposes to your agents

Read (39) Write / Execute (23) Destructive / Financial (2)
Critical Risk

The most dangerous DevFlow MCP Server tools

25 of DevFlow MCP Server's 64 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control DevFlow MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and DevFlow MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "devflow_disconnect": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "adr_accept": {
    "limits": [
      {
        "counter": "adr_accept_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "adr_get": {
    "limits": [
      {
        "counter": "adr_get_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register DevFlow MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON DEVFLOW →

Instant setup, no code required.

All 64 DevFlow MCP Server tools

WRITE 22 tools
Write adr_accept Accept a decision.md flow-attachment as an official ADR. Auto-assigns the next ADR number for this project, co Write adr_update_status Change an ADR Write agent_session_complete Complete an active agent session. Use this when you Write agent_session_create Create a new agent session for a flow. An agent session tracks a unit of work performed by the AI agent. Use t Write agent_session_log Log a message to an active agent session. Use this to record progress, decisions, or issues during a work sess Write devflow_connect Connect this project to DevFlow. Links the current directory to a DevFlow project, Write doc_page_create Create a new documentation page in a project. Use this to add new knowledge, guides, or documentation. Pages a Write doc_page_update Update an existing documentation page. All fields are optional — only provide the fields you want to change. Write flow_create Create a new flow in a project. Use this to create new feature requests, bug reports, or tasks. The flow start Write flow_update Update a flow Write flow_upload Upload a file as an attachment to the current flow.\n Write flow_upload_file Attach a file from disk to the current flow. Use this for images / PDFs / large files (up to 50 MB).\n\n Write intent_resolve Close a forward-intent page. Sets frontmatter.status= Write knowledge_check_resolve Resolve a single knowledge-check warning manually. In most cases you do NOT need this tool anymore — the pre-t Write knowledge_draft_accept Accept a draft. Creates the corresponding ADR or doc_page and marks the draft accepted. This is the commit ste Write knowledge_draft_create Create a new knowledge draft. Called by YOU (Claude) after classifying flows via knowledge_backfill_request, o Write knowledge_draft_reject Reject a draft with optional reviewer notes. Rejected drafts are remembered — dedup will not propose the same Write project_bootstrap_audit Bootstrap the knowledge base of a project by auditing its code. Returns a structured prompt: default subsystem Write release_create Create a new release for a project. Use this to plan a new version or milestone. Automatically uses the linked Write release_update Update an existing release. Use this to change the release name, description, status, or target date. Write task_create Create a new task under a flow. Use this to break down a flow into smaller, trackable steps. Tasks can have: - Write task_update Update a task
READ 39 tools
Read adr_get Get a single ADR by its number. Returns full content, status, supersedes chain, originated flow. Use this to p Read adr_get_audit_log Get the audit log (status change history) for an ADR. Returns the full timeline of status transitions with use Read adr_list List all Architecture Decision Records for a project. Optional status filter (proposed | accepted | deprecated Read agent_session_list List agent sessions for a flow. Returns all sessions with their status, timing, and summary. Use this to revie Read devflow_status Show DevFlow MCP connection status or manage the connection.\n Read devflow_tokens_list List active (non-expired) discipline-tokens for a flow. Does NOT return raw tokens — only metadata (id, skillN Read doc_page_get Get a single documentation page with its full content. Returns title, section, content (markdown), tags, and m Read doc_page_list List all documentation pages for a project, grouped by section. Returns sections with their pages (title, id, Read error_context_get DF-316 — Error-Driven Wiki Lookup. When you hit an unexpected error / exception / failing test, call this FIRS Read flow_comments_get Reload only the discussion (comments) for a flow as a Markdown section. Returns the same Read flow_get Get detailed information about a specific flow. Returns the full flow including: - Summary and description - A Read flow_get_feedback Get user feedback for a flow. Use this at the start of a session to check if the user has provided feedback on Read flow_list List flows as a Markdown table (ID | State | Assignee | Titel). Conventions enforced uniformly across the plu Read idea_prompts_get DF-318 — Idea-Prompt-Garage. Returns curated prompts per area (Auth, Billing, Performance, …) with wiki-eviden Read ideas_get DF-315 — Idea-Backlog: aggregates 5 organic idea sources from the wiki into one curated pipeline: - Open inte Read knowledge_autotag_suggest Suggest project tags for a piece of content using TF-IDF against the existing project tag pool. Never invents Read knowledge_backfill_request Prepare a knowledge backfill run for a project. Returns done-flows + existing ADRs + structured instructions t Read knowledge_check_flow Run a knowledge check on a flow: spot drift against existing ADRs and identify missing knowledge (topics witho Read knowledge_draft_list List knowledge drafts for a project. Optional status filter (pending | accepted | rejected). Useful before pro Read knowledge_harvest Harvest knowledge from a single done-flow. Call this right after flow_update transitions a flow to done (the s Read pending_work Snapshot of open work across the project. Returns four buckets: - inFlightFlows: flows currently in planning / Read planning_context Get a compact context bundle for planning a flow. Returns related ADRs, parallel open flows, similar done flow Read project_get Get detailed information about a specific project. Returns the full project including: - Name and description Read project_list List all available projects. Returns projects with their ID, name, and status. Use this to find the project ID Read release_get Get detailed information about a specific release. Returns the full release including name, description, statu Read release_list List all releases for a project. Returns releases with their status, target dates, and descriptions. Automatic Read search Search across flows, tasks, and projects in DevFlow. Use this to find items by keyword, title, or content. Sup Read task_list List all tasks for a flow. Tasks are sub-items of a flow that track implementation progress. Returns tasks wit Read wiki_backlinks Find all assets that link TO a given asset (reverse lookup). Useful to see where an ADR or Pattern is referenc Read wiki_get_briefing DF-310 — Per-flow LLM-Wiki briefing. Returns the curated set of related ADRs, related patterns/runbooks/intent Read wiki_get_flow_context Return a compact context briefing for a flow: outgoing wiki links + backlinks + tags. Use this before writing Read wiki_get_index DF-312 — Hierarchical TOC of the project Read wiki_get_lint DF-312 — Health-report of the wiki: stale (release-stage entries older than N days that are still cited), orph Read wiki_get_log DF-312 — Chronological mutation feed of the wiki: ADR/doc_page creates, extends, supersedes, deprecates within Read wiki_get_page Resolve a wiki reference to a concrete asset and return it with backlinks. The raw can be a slug (e.g. Read wiki_get_project_context Return a brief overview of the project knowledge: number of assets per type, top-tagged categories, and recent Read wiki_graph_neighbors Return the local knowledge graph around a project (nodes + edges). Optional type filter to limit which asset t Read wiki_list_by_type List all wiki assets of a specific document_type (adr | pattern | runbook | customer_context | glossary). Retu Read wiki_search Full-text search over all wiki assets (flows, doc_pages, reviews, releases). Uses SQLite FTS5 with prefix matc

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about DevFlow MCP Server

Can an AI agent delete data through the DevFlow MCP Server MCP server? +

Yes. The DevFlow MCP Server server exposes 2 destructive tools including devflow_disconnect, doc_page_delete. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through DevFlow MCP Server? +

The DevFlow MCP Server server has 22 write tools including adr_accept, adr_update_status, agent_session_complete. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach DevFlow MCP Server.

How many tools does the DevFlow MCP Server MCP server expose? +

64 tools across 4 categories: Destructive, Execute, Read, Write. 39 are read-only. 25 can modify, create, or delete data.

How do I enforce a policy on DevFlow MCP Server? +

Register the DevFlow MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every DevFlow MCP Server tool call.

Deterministic rules across all 64 DevFlow MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

64 DevFlow MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.