// SCAN REPORT

Mailbox

49 tools. 24 can modify or destroy data without limits.

5 destructive tools with no built-in limits. Policy required.

Last updated:

24 can modify or destroy data
25 read-only
49 tools total
// TOOL MAP
Read (25) Write / Execute (19) Destructive / Financial (5)
// WHAT CAN GO WRONG

Destructive tools (delete_draft, delete_filter, delete_label) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (archive_email, authenticate, batch_modify_emails) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (reauth) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

// RECOMMENDED RULES
Deny destructive operations
delete_draft:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
archive_email:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
bulk_trash:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 49 MAILBOX TOOLS
DESTRUCTIVE 5 tools
Destructive delete_draft Destructive delete_filter Destructive delete_label Destructive delete_template Destructive remove_account
EXECUTE 1 tools
Execute reauth
WRITE 18 tools
Write archive_email Write authenticate Write batch_modify_emails Write bulk_modify Write create_draft Write create_filter Write create_label Write export_email Write export_thread Write mark_read Write modify_email Write save_template Write send_draft Write send_email Write send_template Write set_signature Write set_vacation Write update_draft
READ 25 tools
Read bulk_trash Read bulk_unsubscribe Read count_unread_by_label Read download_attachment Read emails_since Read forward_email Read get_signature Read get_vacation Read inbox_summary Read list_accounts Read list_drafts Read list_filters Read list_labels Read list_recent_bulk_ops Read list_send_as Read list_templates Read multi_account_search Read read_email Read read_thread Read reply_email Read search_emails Read star_email Read trash_emails Read undo_bulk_op Read unsubscribe
// FAQ
Can an AI agent delete data through the Mailbox MCP server? +

Yes. The Mailbox server exposes 5 destructive tools including delete_draft, delete_filter, delete_label. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Mailbox? +

The Mailbox server has 18 write tools including archive_email, authenticate, batch_modify_emails. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Mailbox MCP server expose? +

49 tools across 4 categories: Destructive, Execute, Read, Write. 25 are read-only. 24 can modify, create, or delete data.

How do I add Intercept to my Mailbox setup? +

One line change. Instead of running the Mailbox server directly, prefix it with Intercept: intercept -c mailbox.yaml -- npx -y @mailbox-mcp. Download a pre-built policy from policylayer.com/policies/mailbox and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 314 tools
adminautomation
Aibtc 308 tools
adminautomation
SmartBear MCP 243 tools
adminautomation
Google Super 200 tools
adminautomation
Arcane 180 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Opencut Controller 161 tools
adminautomation

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.