Onion

30 tools. 8 can modify or destroy data without limits.

8 write tools that can modify data. Rate limits recommended.

Last updated:

8 can modify or destroy data
22 read-only
30 tools total

Community server · catalogue entry verified 03/07/2026

How to control Onion ↓

What Onion exposes to your agents

Read (22) Write / Execute (8) Destructive / Financial (0)
High Risk

The most dangerous Onion tools

8 of Onion's 30 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Onion

PolicyLayer is an MCP gateway — it sits between your AI agents and Onion, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "ai_rewrite": {
    "limits": [
      {
        "counter": "ai_rewrite_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "ai_classify": {
    "limits": [
      {
        "counter": "ai_classify_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Onion — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ONION →

Instant setup, no code required.

All 30 Onion tools

READ 22 tools
Read ai_classify 对文本进行分类,支持情感分析、主题分类、意图识别,或自定义分类标签。 Read ai_extract 从文本中提取结构化信息,支持:人名、地名、时间、 Read ai_summarize 对长文本进行摘要,支持要点列表、段落摘要、一句话摘要三种模式。 Read ai_translate 将文本翻译为目标语言。自动检测源语言, Read code_explain 解释代码的功能和逻辑,支持所有主流编程语言。 Read code_review 审查代码,找出 Bug、安全漏洞、性能问题和代码风格问题。 Read data_convert 在 JSON、CSV、YAML、TOML 格式之间互相转换。 Read data_csv_analyze 分析 CSV 数据,输出列信息、行数、数值列统计等摘要。 Read data_json_query 用简单路径表达式查询 JSON 数据。\n Read data_table_format 将 JSON 数组数据格式化为 Markdown 表格。 Read sys_hash 计算字符串或文本的哈希值。 Read sys_json_valid 验证 JSON 字符串是否合法,并返回格式化后的结果。 Read sys_time 获取当前日期和时间,支持指定时区。 Read sys_url_encode URL 编码或解码文本。 Read sys_uuid 生成 UUID。 Read text_clean 清理文本:去除多余空行、首尾空白、重复行等。 Read text_count 统计文本的字数、行数、字符数、段落数等信息。 Read text_diff 对比两段文本的差异,输出 unified diff 格式。 Read text_format 格式化文本内容,支持 JSON、YAML(需 pyyaml)、去除多余空白。 Read web_extract 从网页 URL 提取结构化信息:标题、描述、正文摘要、所有链接。 Read web_fetch 抓取指定 URL 的网页内容,返回纯文本(自动去除 HTML 标签)。 Read web_search 使用 DuckDuckGo 搜索,返回搜索结果列表(无需 API Key)。

Questions about Onion

How do I prevent bulk modifications through Onion? +

The Onion server has 5 write tools including ai_rewrite, code_convert, code_docstring. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Onion.

How many tools does the Onion MCP server expose? +

30 tools across 2 categories: Read, Write. 22 are read-only. 8 can modify, create, or delete data.

How do I enforce a policy on Onion? +

Register the Onion MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Onion tool call.

Deterministic rules across all 30 Onion tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

30 Onion tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.