LaunchFrame MCP

56 tools. 26 can modify or destroy data without limits.

4 destructive tools with no built-in limits. Policy required.

Last updated:

26 can modify or destroy data
30 read-only
56 tools total

Community server · catalogue entry verified 29/06/2026

How to control LaunchFrame MCP ↓

What LaunchFrame MCP exposes to your agents

Read (30) Write / Execute (22) Destructive / Financial (4)
Critical Risk

The most dangerous LaunchFrame MCP tools

26 of LaunchFrame MCP's 56 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control LaunchFrame MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and LaunchFrame MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cli_cache_clear": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "cli_cache_update": {
    "limits": [
      {
        "counter": "cli_cache_update_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "architecture_get_overview": {
    "limits": [
      {
        "counter": "architecture_get_overview_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register LaunchFrame MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON LAUNCHFRAME →

Instant setup, no code required.

All 56 LaunchFrame MCP tools

READ 30 tools
Read architecture_get_overview Get the overall architecture of the LaunchFrame project: services, backend module layout, key patterns, fronte Read auth_get_decorator_usage Get the exact decorator and import for a specific auth need. Read auth_get_guard_usage Get the guard class, import path, and decorator combo for a specific guard type. Read auth_get_overview Get full auth system overview: guard hierarchy, session flow, Better Auth setup, roles, and decorator system. Read cli_cache_info Show information about the local LaunchFrame service cache (location, size, cached services, last update time) Read cli_docker_logs Fetch a snapshot of Docker service logs (non-streaming). Returns the last N lines. Read cli_module_list List all available modules that can be added to a LaunchFrame project (e.g., feature-flags, multi-tenancy). Read cli_service_list List all available optional services that can be added to a LaunchFrame project (e.g., waitlist, docs, custome Read cli_waitlist_logs Fetch a snapshot of waitlist service logs from the VPS (non-streaming). Returns the last N lines. Read credits_get_add_pattern Get the code snippet for programmatically adding credits to a user with a specific transaction type. Read credits_get_deduction_pattern Get the decorator + guard pattern for deducting credits on a route. Read credits_get_monetization_strategies Get an overview of all monetization strategies (free, subscription, credits, hybrid) and when to use each. Read cron_get_pattern Get the LaunchFrame cron job pattern: where jobs live, available CronExpression presets, and module registrati Read database_schema Returns the full database schema (all tables, columns, types, relations) plus ready-made SQL snippets for comm Read email_get_conventions Get an overview of the LaunchFrame email system: sending patterns (direct vs queue-based), template convention Read entity_get_conventions Get TypeORM entity conventions for LaunchFrame: required decorators, naming strategy, column types, relations, Read env_get_conventions Get environment variable conventions for LaunchFrame: single centralized .env location, variable naming rules, Read feature_gates_get_check_pattern Get a copy-paste TypeScript snippet for checking a feature gate by code and type. Read feature_gates_get_overview Get the feature gate system overview: how features are stored, how to query them, and the check pattern. Read module_get_structure Get the NestJS module folder structure, conventions, and rules used in LaunchFrame. Read queue_get_names List all available Bull queues in LaunchFrame with their purpose and usage rules. Read queue_scaffold_processor Get a Bull processor class scaffold for a given queue and job name. Read queue_scaffold_producer Get the code to inject and use a Bull queue as a producer in a NestJS service. Read rbac_get_guard_usage Get when and how to apply @RequiresPermission, owner bypass rules, cache invalidation patterns, and multi-tena Read rbac_get_overview Get full RBAC model overview: actor responsibilities, data model, default roles, guard evaluation order, and v Read rbac_get_permission_pattern Get the 4-step workflow for adding a new permission: enum → seeder → superadmin assigns → @RequiresPermission( Read subscriptions_get_plans_overview Get an overview of the subscription plans system: plan groups, annual billing toggle, API response shape, and Read variant_get_overview Get an overview of LaunchFrame project variants: Base (B2B single-tenant), Multi-tenant, and B2B2C. Explains h Read webhook_get_architecture Get an overview of the LaunchFrame webhook architecture: receipt/processing separation, WebhookLog entity, Bul

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about LaunchFrame MCP

Can an AI agent delete data through the LaunchFrame MCP server? +

Yes. The LaunchFrame MCP server exposes 4 destructive tools including cli_cache_clear, cli_deploy_sync_features, cli_docker_destroy. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through LaunchFrame MCP? +

The LaunchFrame MCP server has 10 write tools including cli_cache_update, cli_dev_add_user, cli_migration_create. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach LaunchFrame MCP.

How many tools does the LaunchFrame MCP server expose? +

56 tools across 4 categories: Destructive, Execute, Read, Write. 30 are read-only. 26 can modify, create, or delete data.

How do I enforce a policy on LaunchFrame MCP? +

Register the LaunchFrame MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every LaunchFrame MCP tool call.

Deterministic rules across all 56 LaunchFrame MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

56 LaunchFrame MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.