MCP Server Policy

NETLIFY MCP POLICY

Enforce policies on every tool call to the Netlify MCP Server. 18 tools listed, categorised, and ready for rules.

@netlify/mcp 10 read 8 write 18 tools total

netlify deployment hosting jamstack

GET STARTED

Download this policy scaffold and add your rules. Intercept enforces them on every tool call before it reaches Netlify.

terminal

# Download policy scaffold


curl -o netlify.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/netlify.yaml

# Run with Intercept


intercept --policy netlify.yaml -- npx -y @@netlify/mcp

Server documentation: https://www.npmjs.com/package/@netlify/mcp

READ TOOLS

get-user Get information about the authenticated Netlify user

get-project Get details of a specific Netlify project

get-projects List all Netlify projects

get-deploy Get details of a specific deploy by ID

get-deploy-for-site Get deploy details for a specific site

get-forms-for-project Get forms for a project

get-team Get details of a specific team

get-teams List all teams

get-extensions List available Netlify extensions

get-full-extension-details Get full details of a specific extension

WRITE TOOLS

deploy-site Build and deploy a Netlify site

create-new-project Create a new Netlify project

update-project-name Update the name of a project

update-visitor-access-controls Modify access controls for a project

update-forms Update form settings for a project

manage-form-submissions Manage form submissions for a project

manage-env-vars Create and manage environment variables

change-extension-installation Install or uninstall a Netlify extension

initialize-database Initialise a database for an extension

POLICY YAML

This scaffold lists every tool with empty rules. Add conditions — rate limits, argument validation, deny rules — then deploy with Intercept.

netlify.yaml

version: "1"
description: "Policy for @netlify/mcp"
default: "allow"
tools:
    get-user:
        rules: []
    get-project:
        rules: []
    get-projects:
        rules: []
    get-deploy:
        rules: []
    get-deploy-for-site:
        rules: []
    get-forms-for-project:
        rules: []
    get-team:
        rules: []
    get-teams:
        rules: []
    get-extensions:
        rules: []
    get-full-extension-details:
        rules: []
    deploy-site:
        rules: []
    create-new-project:
        rules: []
    update-project-name:
        rules: []
    update-visitor-access-controls:
        rules: []
    update-forms:
        rules: []
    manage-form-submissions:
        rules: []
    manage-env-vars:
        rules: []
    change-extension-installation:
        rules: []
    initialize-database:
        rules: []

RELATED POLICIES

FREQUENTLY ASKED QUESTIONS

What tools does the Netlify MCP server expose?

The Netlify MCP Server exposes 18 tools across 2 categories: Read, Write. Each tool can be individually controlled with Intercept policies.

How do I enforce policies on Netlify?

Download the policy scaffold, add rules (rate limits, argument validation, deny rules), then run Intercept as a proxy in front of the Netlify MCP server. Every tool call is evaluated against your YAML policy before execution.

Is the Netlify policy free to use?

Yes. All Intercept policies are open source under the Apache 2.0 licence. Download, modify, and deploy without restrictions.

ENFORCE POLICIES ON NETLIFY

Open source. One binary. Zero dependencies.

VIEW ON GITHUB Browse all policies →

NETLIFY MCP POLICY

GET STARTED

READ TOOLS

get-user

get-project

get-projects

get-deploy

get-deploy-for-site

get-forms-for-project

get-team

get-teams

get-extensions

get-full-extension-details

WRITE TOOLS

deploy-site

create-new-project

update-project-name

update-visitor-access-controls

update-forms

manage-form-submissions

manage-env-vars

change-extension-installation

initialize-database