// SCAN REPORT

Specky

56 tools. 37 can modify or destroy data without limits.

37 write tools that can modify data. Rate limits recommended.

Last updated:

37 can modify or destroy data
19 read-only
56 tools total

Community server · catalogue entry verified 12/06/2026

How to control Specky ↓

TOOL MAP

What Specky exposes to your agents

Read (19) Write / Execute (37) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
High Risk

The most dangerous Specky tools

Execute · Medium sdd_advance_phase Advancing a pipeline phase triggers a state transition and likely downstream operations (validation, artifact generation). Execute · High sdd_setup_local_env This tool triggers external operations by detecting the tech stack, generating Docker configuration files, and routing instructions to Docker MCP to create and manage containers. Execute · High sdd_validate_iac This tool generates and routes execution payloads to external MCP servers (Terraform, Azure) for infrastructure-as-code validation and planning. Write · Medium sdd_run_analysis The tool reads spec files (Read) but also generates/writes a new file (ANALYSIS.md), making Write the dominant category.

37 of Specky's 56 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Specky

PolicyLayer is an MCP gateway — it sits between your AI agents and Specky, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "sdd_run_analysis": {
    "limits": [
      {
        "counter": "sdd_run_analysis_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "sdd_check_ecosystem": {
    "limits": [
      {
        "counter": "sdd_check_ecosystem_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Specky — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SPECKY →

Free to start. No card required.

FULL CATALOGUE

All 56 Specky tools

EXECUTE 3 tools
Execute sdd_validate_iac Generates a validation payload for Terraform MCP (plan/validate) or Azure MCP (template validation). The AI cl Execute sdd_advance_phase Validates that the current phase Execute sdd_setup_local_env Detects the project tech stack and generates a Docker-based local development environment (Dockerfile + docker
WRITE 34 tools
Write sdd_run_analysis Reads all spec files, generates ANALYSIS.md with traceability matrix and coverage report, and returns a gate d Write sdd_auto_pipeline FULLY AUTOMATED: Reads a meeting transcript, extracts requirements, and runs the complete SDD pipeline in one Write sdd_compliance_check Validates specification and design against a compliance framework (HIPAA, SOC2, GDPR, PCI-DSS, ISO27001, or ge Write sdd_cross_analyze Cross-artifact consistency analysis: checks alignment between SPECIFICATION.md, DESIGN.md, and TASKS.md. Finds Write sdd_verify_tasks Reads TASKS.md and checks code_paths for implementation evidence. Detects phantom completions — tasks marked [ Write sdd_amend Appends an amendment entry to CONSTITUTION.md Write sdd_batch_transcripts Scans a folder for transcript files (.vtt, .srt, .txt, .md) and runs the full SDD auto-pipeline for each one. Write sdd_checklist Generates a domain-specific quality checklist (security, accessibility, performance, etc.) by analyzing SPECIF Write sdd_checkpoint Creates a named snapshot of all spec artifacts (CONSTITUTION.md, SPECIFICATION.md, DESIGN.md, TASKS.md, etc.) Write sdd_create_pr Generates a pull request payload from SPECIFICATION.md and TASKS.md with spec summary, requirements covered, a Write sdd_export_work_items Transforms TASKS.md into platform-specific work item payloads (GitHub Issues, Azure Boards, or Jira). Returns Write sdd_figma_diagram Generates a FigJam-ready diagram payload from DESIGN.md. Returns structured data with routing_instructions for Write sdd_generate_all_diagrams Generates ALL diagram types for a feature in one call. Produces architecture, sequence, ERD, flow, dependency, Write sdd_generate_all_docs Generates ALL documentation types in parallel: full docs, API docs, runbook, onboarding guide, and SDD journey Write sdd_generate_api_docs Extracts API endpoints from DESIGN.md and generates structured API documentation with request/response example Write sdd_generate_devcontainer Generates .devcontainer/devcontainer.json from the detected tech stack and DESIGN.md. Writes the file to disk Write sdd_generate_diagram Generates a single Mermaid diagram from a specification artifact. Supports 17 diagram types: flowchart, sequen Write sdd_generate_dockerfile Reads DESIGN.md or uses sdd_scan_codebase results to detect the tech stack, then generates a Dockerfile and op Write sdd_generate_docs Generates comprehensive feature documentation from SPECIFICATION.md, DESIGN.md, TASKS.md, and ANALYSIS.md. Wri Write sdd_generate_iac Reads DESIGN.md to detect infrastructure needs and generates Terraform or Bicep files. Returns generated file Write sdd_generate_onboarding Generates a developer onboarding guide with feature overview, architecture summary, getting started steps, key Write sdd_generate_runbook Generates an operational runbook with deployment, monitoring, troubleshooting, and rollback procedures. Writes Write sdd_generate_tests Generate test stubs from acceptance criteria in SPECIFICATION.md and TASKS.md. Write sdd_generate_user_stories Generates user stories with acceptance criteria and flow diagrams from SPECIFICATION.md. Each story includes a Write sdd_import_transcript Parses a meeting transcript (VTT, SRT, TXT, or MD) and extracts structured data: participants, topics, decisio Write sdd_init Creates .specs/ directory, writes CONSTITUTION.md skeleton, and initializes the state machine. Call this first Write sdd_research Takes an array of research questions, generates RESEARCH.md with structured entries (question, findings placeh Write sdd_restore Restores all spec artifacts to a previous checkpoint snapshot. Write sdd_setup_codespaces Detects the project tech stack and generates a devcontainer configuration suitable for GitHub Codespaces. Retu Write sdd_turnkey_spec Generates a complete EARS specification from a natural language feature description. Write sdd_write_bugfix Generates and writes BUGFIX_SPEC.md with current behavior, expected behavior, unchanged behavior, root cause a Write sdd_write_design Generates and writes DESIGN.md with architecture overview, Mermaid diagrams, ADRs, and API contracts. Write sdd_write_spec Generates and writes SPECIFICATION.md with all requirements in EARS notation. Validates each requirement again Write sdd_write_tasks Generates and writes TASKS.md with pre-implementation gates, sequenced tasks with [P] parallel markers, effort
READ 19 tools
Read sdd_check_ecosystem Reports which external MCP servers are recommended for the full Specky experience. Shows what each server does Read sdd_check_sync Compares specification requirements against implementation files and returns a drift report showing which requ Read sdd_clarify Reads SPECIFICATION.md and returns up to 5 disambiguation questions targeting ambiguous or incomplete requirem Read sdd_context_status Return the context tier assignment (Hot/Domain/Cold) for all spec artifacts in the active feature. Read sdd_get_status Returns the current pipeline status including: current phase, completed phases, files on disk, completion perc Read sdd_get_template Returns the raw Markdown template for a given artifact type with {{placeholder}} variables intact. Does not wr Read sdd_list_checkpoints Lists all available checkpoints for a feature with their labels, dates, and phases. Read sdd_scan_codebase Scans the workspace project structure and returns auto-steering context: detected language, framework, package Read sdd_validate_ears Validates requirement statements against EARS notation patterns (ubiquitous, event-driven, state-driven, optio Read sdd_verify_tests Reads test results JSON and cross-references with requirement IDs from SPECIFICATION.md. Read sdd_batch_import Scans a directory for supported documents (PDF, DOCX, PPTX, TXT, MD) and converts each to Markdown. Returns an Read sdd_create_branch Generates a branch name following SDD conventions and returns a command_hint for creating the branch. Does not Read sdd_discover Returns 7 structured discovery questions tailored to your project idea. Covers: scope, users, constraints, int Read sdd_figma_to_spec Prepares a structured payload for extracting design context from a Figma file. The AI client should use the re Read sdd_generate_pbt Extracts universal properties (invariants, round-trips, idempotence) from EARS requirements Read sdd_implement Reads TASKS.md and produces an ordered implementation roadmap with phases, parallel groups, dependency resolut Read sdd_import_document Imports a document (PDF, DOCX, PPTX, TXT, MD, VTT, SRT) or raw text and converts it to Markdown for SDD proces Read sdd_metrics Generate a self-contained HTML metrics dashboard for a feature. Read sdd_model_routing Return the full model routing decision table for all 10 SDD pipeline phases.
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
automation
Mcp Afip 1300 tools
automation
Mcp Ap2 1300 tools
automation
BNB Chain MCP 1240 tools
automation
Nodebench 824 tools
automation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
automation
Amazon Data Processing MCP Server 805 tools
automation
Amazon ECS MCP Server 805 tools
automation
FAQ

Questions about Specky

How do I prevent bulk modifications through Specky? +

The Specky server has 34 write tools including sdd_run_analysis, sdd_auto_pipeline, sdd_compliance_check. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Specky.

How many tools does the Specky MCP server expose? +

56 tools across 3 categories: Execute, Read, Write. 19 are read-only. 37 can modify, create, or delete data.

How do I enforce a policy on Specky? +

Register the Specky MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Specky tool call.

Deterministic rules across all 56 Specky tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON SPECKY →

Free to start. No card required.

56 Specky tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.