// SCAN REPORT

Mcp Grafana Npx

50 tools. 9 can modify or destroy data without limits.

9 write tools that can modify data. Rate limits recommended.

Last updated:

9 can modify or destroy data
41 read-only
50 tools total
// TOOL MAP
Read (41) Write / Execute (9) Destructive / Financial (0)
// WHAT CAN GO WRONG

Write operations (add_activity_to_incident, alerting_manage_routing, alerting_manage_rules) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

One command. Full control.

Intercept sits between your agent and Mcp Grafana Npx. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @mcp-grafana-npx
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Rate limit write operations
add_activity_to_incident:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
find_error_pattern_logs:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 50 MCP GRAFANA NPX TOOLS
WRITE 9 tools
Write add_activity_to_incident Write alerting_manage_routing Write alerting_manage_rules Write create_annotation Write create_folder Write create_incident Write generate_deeplink Write update_annotation Write update_dashboard
READ 41 tools
Read find_error_pattern_logs Read find_slow_requests Read get_alert_group Read get_annotation_tags Read get_annotations Read get_assertions Read get_current_oncall_users Read get_dashboard_by_uid Read get_dashboard_panel_queries Read get_dashboard_property Read get_dashboard_summary Read get_datasource Read get_incident Read get_oncall_shift Read get_panel_image Read get_sift_analysis Read get_sift_investigation Read list_alert_groups Read list_datasources Read list_incidents Read list_loki_label_names Read list_loki_label_values Read list_oncall_schedules Read list_oncall_teams Read list_oncall_users Read list_prometheus_label_names Read list_prometheus_label_values Read list_prometheus_metric_metadata Read list_prometheus_metric_names Read list_pyroscope_label_names Read list_pyroscope_label_values Read list_pyroscope_profile_types Read list_sift_investigations Read query_loki_logs Read query_loki_patterns Read query_loki_stats Read query_prometheus Read query_prometheus_histogram Read query_pyroscope Read search_dashboards Read search_folders
// FAQ
How do I prevent bulk modifications through Mcp Grafana Npx? +

The Mcp Grafana Npx server has 9 write tools including add_activity_to_incident, alerting_manage_routing, alerting_manage_rules. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Mcp Grafana Npx MCP server expose? +

50 tools across 2 categories: Read, Write. 41 are read-only. 9 can modify, create, or delete data.

How do I add Intercept to my Mcp Grafana Npx setup? +

One line change. Instead of running the Mcp Grafana Npx server directly, prefix it with Intercept: intercept -c mcp-grafana-npx.yaml -- npx -y @mcp-grafana-npx. Download a pre-built policy from policylayer.com/policies/mcp-grafana-npx and adjust the limits to match your use case.

policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.