Enforce policies on every tool call to the Lunch Money MCP Server. 29 tools with suggested default rules ready to customise.
Last updated:
This policy includes sensible default rules. Download it, adjust the limits to match your use case, and run with Intercept.
# Download policy with default rules
curl -o lunch-money.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/lunch-money.yaml # Run with Intercept
intercept --policy lunch-money.yaml -- npx -y @@akutishevsky/lunchmoney-mcp Server documentation: https://github.com/akutishevsky/lunchmoney-mcp
This policy includes suggested default rules for common use cases. Adjust rate limits, add argument validation, or remove rules you don't need.
version: "1" description: "Policy for @akutishevsky/lunchmoney-mcp" # Set to "deny" to reject tool calls not listed below default: "allow" tools: # -- Financial Tools ---------------------------------------- # create_transactions: Create new financial transactions create_transactions: rules: - action: deny on_deny: "Financial operation requires approval" # -- Destructive Tools ---------------------------------------- # delete_category: Delete a spending category delete_category: rules: - action: deny on_deny: "Destructive operation blocked by policy" # delete_transaction_group: Delete a transaction group delete_transaction_group: rules: - action: deny on_deny: "Destructive operation blocked by policy" # force_delete_category: Force delete category with data cleanup force_delete_category: rules: - action: deny on_deny: "Destructive operation blocked by policy" # remove_budget: Remove a budget for a category remove_budget: rules: - action: deny on_deny: "Destructive operation blocked by policy" # unsplit_transactions: Remove transactions from split groups unsplit_transactions: rules: - action: deny on_deny: "Destructive operation blocked by policy" # -- Execute Tools ---------------------------------------- # trigger_plaid_fetch: Trigger fetch of latest data from Plaid trigger_plaid_fetch: rules: - action: allow rate_limit: 10/hour validate: required_args: true # -- Write Tools ---------------------------------------- # add_to_category_group: Add categories to a group add_to_category_group: rules: - action: allow rate_limit: 30/hour # create_asset: Create a new asset entry create_asset: rules: - action: allow rate_limit: 30/hour # create_category: Create a new spending category create_category: rules: - action: allow rate_limit: 30/hour # create_category_group: Create a category group create_category_group: rules: - action: allow rate_limit: 30/hour # create_transaction_group: Create a transaction group create_transaction_group: rules: - action: allow rate_limit: 30/hour # update_asset: Update asset properties update_asset: rules: - action: allow rate_limit: 30/hour # update_category: Update category properties update_category: rules: - action: allow rate_limit: 30/hour # update_manual_crypto: Update balance for manually-managed crypto update_manual_crypto: rules: - action: allow rate_limit: 30/hour # update_transaction: Update an existing transaction record update_transaction: rules: - action: allow rate_limit: 30/hour # upsert_budget: Create or update budget amounts upsert_budget: rules: - action: allow rate_limit: 30/hour # -- Read Tools ---------------------------------------- # get_all_assets: List all manually-managed assets get_all_assets: rules: - action: allow rate_limit: 60/minute # get_all_categories: List all spending categories get_all_categories: rules: - action: allow rate_limit: 60/minute # get_all_crypto: List all cryptocurrency assets get_all_crypto: rules: - action: allow rate_limit: 60/minute # get_all_plaid_accounts: List all connected Plaid accounts get_all_plaid_accounts: rules: - action: allow rate_limit: 60/minute # get_all_tags: List all available tags get_all_tags: rules: - action: allow rate_limit: 60/minute # get_budget_summary: Get budget summary by date range get_budget_summary: rules: - action: allow rate_limit: 60/minute # get_recurring_items: List recurring items for a date range get_recurring_items: rules: - action: allow rate_limit: 60/minute # get_single_category: Get details for a specific category get_single_category: rules: - action: allow rate_limit: 60/minute # get_single_transaction: Get detailed transaction information get_single_transaction: rules: - action: allow rate_limit: 60/minute # get_transaction_group: Get transaction group details get_transaction_group: rules: - action: allow rate_limit: 60/minute # get_transactions: List transactions with filtering options get_transactions: rules: - action: allow rate_limit: 60/minute # get_user: Retrieve current user details get_user: rules: - action: allow rate_limit: 60/minute
Yes. The Lunch Money server exposes 1 financial tools including create_transactions. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. Intercept lets you block financial tools by default or set per-tool rate limits.
Yes. The Lunch Money server exposes 5 destructive tools including delete_category, delete_transaction_group, force_delete_category. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.
The Lunch Money server has 10 write tools including add_to_category_group, create_asset, create_category. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.
29 tools across 5 categories: Destructive, Execute, Financial, Read, Write. 12 are read-only. 17 can modify, create, or delete data.
One line change. Instead of running the Lunch Money server directly, prefix it with Intercept: intercept -c lunch-money.yaml -- npx -y @@akutishevsky/lunchmoney-mcp. Download a pre-built policy from policylayer.com/policies/lunch-money and adjust the limits to match your use case.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept