// SCAN REPORT

MCP-BPMN Server

41 tools. 26 can modify or destroy data without limits.

4 destructive tools with no built-in limits. Policy required.

Last updated:

26 can modify or destroy data
15 read-only
41 tools total

Community server · catalogue entry verified 12/06/2026

How to control MCP-BPMN Server ↓

TOOL MAP

What MCP-BPMN Server exposes to your agents

Read (15) Write / Execute (22) Destructive / Financial (4)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous MCP-BPMN Server tools

Destructive · High bpmn_delete_diagram This tool permanently removes BPMN diagram files without reversibility. Destructive · High bpmn_delete_element This tool permanently removes elements from BPMN diagrams without the ability to undo the action through the tool's interface. Destructive · High delete_diagram_file The tool permanently deletes files without reversibility, fitting the Destructive category. Destructive · High delete_element This tool performs an irreversible deletion operation on diagram elements.

26 of MCP-BPMN Server's 41 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control MCP-BPMN Server

PolicyLayer is an MCP gateway — it sits between your AI agents and MCP-BPMN Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "bpmn_delete_diagram": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "new_bpmn": {
    "limits": [
      {
        "counter": "new_bpmn_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "bpmn_get_diagrams_path": {
    "limits": [
      {
        "counter": "bpmn_get_diagrams_path_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register MCP-BPMN Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON MCP-BPMN →

Free to start. No card required.

FULL CATALOGUE

All 41 MCP-BPMN Server tools

DESTRUCTIVE 4 tools
Destructive bpmn_delete_diagram Delete a saved BPMN diagram file Destructive bpmn_delete_element Delete an element from the process Destructive delete_diagram_file Delete a saved BPMN diagram file Destructive delete_element Delete an element from the current diagram
WRITE 22 tools
Write new_bpmn Create a new BPMN diagram and set it as current context Write new_from_mermaid Create a new BPMN diagram from Mermaid code and set it as current context Write add_activity Add an activity to the current diagram Write add_event Add an event to the current diagram Write add_gateway Add a gateway to the current diagram Write add_lane Add a lane to an existing pool in the current diagram Write add_pool Add a pool to the current collaboration diagram Write auto_layout Apply automatic layout to the current diagram Write bpmn_add_gateway Add a gateway (decision point) to the process Write bpmn_add_lane Add a lane to an existing pool Write bpmn_add_pool Add a participant pool to a collaboration Write bpmn_auto_layout Apply automatic layout to a process for better visual positioning Write bpmn_connect Connect two elements with a sequence flow Write bpmn_convert_mermaid Convert a Mermaid flowchart diagram to BPMN 2.0 format Write bpmn_import_mermaid Import a Mermaid diagram and create an editable BPMN process Write bpmn_update_element Update properties of an existing element Write close Close the current diagram and clear the context Write connect Connect two elements in the current diagram Write open_mermaid_file Open a Mermaid file, convert it to BPMN, and set as current context Write save Save the current diagram to its file (error if no filename set) Write save_as Save the current diagram with a new filename Write update_element Update properties of an element in the current diagram
READ 15 tools
Read bpmn_get_diagrams_path Get the path where BPMN diagrams are saved Read bpmn_get_element Get details of a specific element Read bpmn_list_diagrams List all saved BPMN diagrams Read bpmn_list_elements List all elements in a process Read bpmn_load_diagram Load a saved BPMN diagram Read bpmn_validate Validate a BPMN process for correctness Read current Get information about the current diagram Read get_diagrams_path Get the path where BPMN diagrams are saved Read get_element Get details of a specific element in the current diagram Read list_diagrams List all saved BPMN diagrams Read list_elements List all elements in the current diagram Read validate Validate the current diagram for BPMN correctness Read bpmn_export Export the process as BPMN 2.0 XML or SVG Read export Export the current diagram as BPMN XML Read open_bpmn Open an existing BPMN file and set it as current context
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
adminautomation
Mcp Afip 1300 tools
adminautomation
Mcp Ap2 1300 tools
adminautomation
BNB Chain MCP 1240 tools
adminautomation
Nodebench 824 tools
adminautomation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
adminautomation
Amazon Data Processing MCP Server 805 tools
adminautomation
Amazon ECS MCP Server 805 tools
adminautomation
FAQ

Questions about MCP-BPMN Server

Can an AI agent delete data through the MCP-BPMN Server MCP server? +

Yes. The MCP-BPMN Server server exposes 4 destructive tools including bpmn_delete_diagram, bpmn_delete_element, delete_diagram_file. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through MCP-BPMN Server? +

The MCP-BPMN Server server has 22 write tools including new_bpmn, new_from_mermaid, add_activity. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach MCP-BPMN Server.

How many tools does the MCP-BPMN Server MCP server expose? +

41 tools across 4 categories: Destructive, Execute, Read, Write. 15 are read-only. 26 can modify, create, or delete data.

How do I enforce a policy on MCP-BPMN Server? +

Register the MCP-BPMN Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every MCP-BPMN Server tool call.

Deterministic rules across all 41 MCP-BPMN Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MCP-BPMN →

Free to start. No card required.

41 MCP-BPMN Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.