// SCAN REPORT

Music MCP

6 tools. 3 can modify or destroy data without limits.

3 write tools that can modify data. Rate limits recommended.

Last updated: 12 Jun 2026

3 can modify or destroy data

3 read-only

6 tools total

Community server · catalogue entry verified 12/06/2026

How to control Music MCP ↓

TOOL MAP

What Music MCP exposes to your agents

Read (3) Write / Execute (3) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

High Risk

The most dangerous Music MCP tools

Execute · Medium execute_music_command This tool runs playback control commands (play, pause, skip, etc.) via AppleScript, which are executable operations that trigger external state changes in the Apple Music application. Execute · Medium queue_music This tool manipulates the Apple Music play queue via AppleScript, which constitutes executing external operations on a running application. Write · Medium manage_playlist This tool creates and modifies playlist data within Apple Music.

3 of Music MCP's 6 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Music MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and Music MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations

{
  "manage_playlist": {
    "limits": [
      {
        "counter": "manage_playlist_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "get_music_info": {
    "limits": [
      {
        "counter": "get_music_info_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Music MCP — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON MUSIC →

Free to start. No card required.

FULL CATALOGUE

All 6 Music MCP tools

EXECUTE 2 tools

Execute execute_music_command Execute music playback control commands Execute queue_music Manage music queue and enhanced playlist control

WRITE 1 tools

Write manage_playlist Create and manage playlists

READ 3 tools

Read get_music_info Retrieve information about current playback or library Read info Get diagnostic information about the Music MCP server status Read search_music Search the music library

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about Music MCP

How do I prevent bulk modifications through Music MCP? +

The Music MCP server has 1 write tools including manage_playlist. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Music MCP.

How many tools does the Music MCP server expose? +

6 tools across 3 categories: Execute, Read, Write. 3 are read-only. 3 can modify, create, or delete data.

How do I enforce a policy on Music MCP? +

Register the Music MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Music MCP tool call.

Deterministic rules across all 6 Music MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MUSIC →

Free to start. No card required.

6 Music MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.