ML Lab MCP

62 tools. 33 can modify or destroy data without limits.

4 destructive tools with no built-in limits. Policy required.

Last updated:

33 can modify or destroy data
29 read-only
62 tools total

Community server · catalogue entry verified 29/06/2026

How to control ML Lab MCP ↓

What ML Lab MCP exposes to your agents

Read (29) Write / Execute (29) Destructive / Financial (4)
Critical Risk

The most dangerous ML Lab MCP tools

33 of ML Lab MCP's 62 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control ML Lab MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and ML Lab MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "infra_terminate": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "creds_add": {
    "limits": [
      {
        "counter": "creds_add_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "codex_analyze_error": {
    "limits": [
      {
        "counter": "codex_analyze_error_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register ML Lab MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ML LAB →

Instant setup, no code required.

All 62 ML Lab MCP tools

READ 29 tools
Read codex_analyze_error Have Codex analyze an error and suggest fixes Read codex_status Check if Codex CLI is available for code execution tasks Read creds_expiry_check Check credential expiry status (expired, expiring soon, healthy) Read creds_list List all configured providers (does not show keys) Read creds_test Test credentials for a specific provider Read dataset_inspect Inspect a dataset Read dataset_list List all registered datasets Read dataset_preview Preview samples from a dataset Read experiment_compare Compare multiple experiments Read experiment_get Get details of an experiment Read experiment_list List all experiments Read infra_list_gpus List available GPUs across all providers with pricing Read infra_provision Provision a cloud GPU instance Read ollama_list List all models in Ollama Read ollama_status Check Ollama service status (running, version, GPU) Read owui_list_knowledge List knowledge bases in Open WebUI Read owui_list_models List model configurations in Open WebUI Read owui_status Check Open WebUI connection status Read security_audit_log View recent audit log entries Read security_audit_summary Get a summary of audit activity Read security_ssh_key_rotate Rotate SSH key for a VPS Read security_tailscale_status Check Tailscale VPN connection status Read thinking_reports List or retrieve deep analysis reports Read train_estimate Estimate resources and cost for training Read train_status Get status of a training run (auto-analyzes errors with Codex if available) Read vps_list List all registered VPS machines Read vps_logs Get training logs from a VPS run Read vps_status Check status of a VPS (online, GPU usage, running jobs) Read vps_sync Sync a dataset to a VPS

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about ML Lab MCP

Can an AI agent delete data through the ML Lab MCP server? +

Yes. The ML Lab MCP server exposes 4 destructive tools including infra_terminate, ollama_delete, owui_delete_model. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through ML Lab MCP? +

The ML Lab MCP server has 13 write tools including creds_add, creds_create_vault, creds_rotate. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach ML Lab MCP.

How many tools does the ML Lab MCP server expose? +

62 tools across 4 categories: Destructive, Execute, Read, Write. 29 are read-only. 33 can modify, create, or delete data.

How do I enforce a policy on ML Lab MCP? +

Register the ML Lab MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every ML Lab MCP tool call.

Deterministic rules across all 62 ML Lab MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

62 ML Lab MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.