// SCAN REPORT

Vercel MCP Server

154 tools. 85 can modify or destroy data without limits.

32 destructive tools with no built-in limits. Policy required.

Last updated:

85 can modify or destroy data
69 read-only
154 tools total

Community server · catalogue entry verified 11/06/2026

How to control Vercel MCP Server ↓

TOOL MAP

Read (69) Write / Execute (53) Destructive / Financial (32)

MOST DANGEROUS TOOLS

Critical Risk
Financial · High domain_register Registering a domain involves a financial transaction (purchasing a domain registration, typically an annual fee). Financial · Critical submit_marketplace_balance The tool explicitly deals with prepayment balances in a marketplace context. Financial · Critical submit_marketplace_billing This tool submits billing data to a marketplace, which directly involves financial transactions or commitments. Financial · Critical submit_marketplace_invoice Submitting a marketplace invoice is a financial action that creates or commits a financial obligation.

85 of Vercel MCP Server's 154 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

HOW TO CONTROL VERCEL MCP SERVER

PolicyLayer is an MCP gateway — it sits between your AI agents and Vercel MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Block financial tools by default
{
  "domain_buy": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations
{
  "cancel_deployment": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "accept_project_transfer": {
    "limits": [
      {
        "counter": "accept_project_transfer_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "check_artifact": {
    "limits": [
      {
        "counter": "check_artifact_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Vercel MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON VERCEL →

Free to start. No card required.

ALL 154 VERCEL MCP SERVER TOOLS

FINANCIAL 6 tools
Financial domain_buy Purchase a domain Financial marketplace_invoice_action Perform invoice actions like refund Financial domain_register Register or transfer-in a domain Financial submit_marketplace_balance Submit prepayment balances Financial submit_marketplace_billing Submit marketplace billing data Financial submit_marketplace_invoice Submit a marketplace invoice
DESTRUCTIVE 26 tools
Destructive cancel_deployment Cancel a deployment which is currently building Destructive delete_access_group Delete an access group Destructive delete_access_group_project Delete an access group project Destructive delete_alias Delete an Alias with the specified ID Destructive delete_auth_token Invalidate an authentication token Destructive delete_deployment Delete a deployment by ID or URL Destructive delete_dns_record Removes an existing DNS record from a domain name Destructive delete_edge_config Delete an Edge Config Destructive delete_edge_config_schema Delete Edge Config Schema Destructive delete_edge_config_tokens Delete Edge Config Tokens Destructive delete_env Delete an environment variable Destructive delete_environment Remove a custom environment from a project Destructive delete_firewall_bypass Remove system bypass rules Destructive delete_project Delete a specific project Destructive delete_secret Delete a secret Destructive delete_team Delete a team under your account Destructive delete_user Initiates the deletion process for the currently authenticated User Destructive delete_webhook Deletes a webhook Destructive domain_remove Remove a domain Destructive int_delete Delete an integration configuration Destructive logdrain_delete Deletes a configurable log drain Destructive logdrain_delete_integration Deletes an integration log drain Destructive remove_cert Remove a certificate Destructive remove_domain Remove a domain from a project Destructive remove_project_member Remove a member from a specific project Destructive remove_team_member Remove a member from a team
EXECUTE 4 tools
Execute marketplace_sso_token_exchange Exchange OAuth code for OIDC token Execute sso_token_exchange Exchange OAuth code for OIDC token during SSO authorization Execute create_deployment Create a new deployment with all required data Execute promote_deployment Promote a deployment
WRITE 49 tools
Write accept_project_transfer Accept project transfer request Write request_project_transfer Request project transfer Write pause_project Pause a project Write record_artifact_events Records artifacts cache usage events Write add_domain Add a domain to a project Write add_env Add environment variables to a project Write add_project_member Adds a new member to a project Write assign_alias Creates a new alias for the deployment with the given deployment ID Write create_access_group Create a new access group Write create_access_group_project Create an access group project Write create_auth_token Creates and returns a new authentication token for the currently authenticated User Write create_dns_record Creates a DNS record for a domain Write create_edge_config Create a new Edge Config Write create_edge_config_token Create a new Edge Config Token Write create_environment Create a custom environment for a project Write create_firewall_bypass Create new system bypass rules Write create_marketplace_event Create a marketplace event Write create_project Create a new project with the provided configuration Write create_secret Create a new secret Write create_team Create a new Team under your account Write create_webhook Creates a webhook Write domain_update Update or move apex domain Write import_marketplace_resource Import a marketplace resource Write int_update_action Update deployment integration action Write invite_team_member Invite a user to join a team Write issue_cert Issue a new certificate Write logdrain_create Creates a configurable log drain Write logdrain_create_integration Creates an integration log drain Write put_firewall_config Set the complete firewall configuration Write send_web_vitals Send web vitals data to Speed Insights API (Deprecated: Use @vercel/speed-insights package instead) Write update_access_group Update an access group Write update_access_group_project Update an access group project Write update_attack_mode Update the Attack Challenge mode settings Write update_deployment_integration Update deployment integration action status Write update_dns_record Updates an existing DNS record for a domain name Write update_edge_config Update an Edge Config Write update_edge_config_items Update Edge Config Items Write update_edge_config_schema Update Edge Config Schema Write update_env Update an environment variable Write update_environment Update a custom environment Write update_firewall_config Update the firewall configuration Write update_marketplace_secrets Update marketplace resource secrets Write update_project Update an existing project Write update_secret_name Change the name of a secret Write update_team Update team information Write update_team_member Update a team member Write upload_artifact Uploads a cache artifact identified by its hash Write upload_cert Upload a certificate Write upload_deployment_files Upload files required for deployment
READ 69 tools
Read check_artifact Check that a cache artifact with the given hash exists Read domain_check Check if a domain name is available for purchase Read domain_config Get a Domain Read domain_get Get information for a single domain Read domain_list List all domains Read domain_price Check the price to purchase a domain Read domain_registry Get domain transfer info Read download_artifact Downloads a cache artifact identified by its hash Read get_access_group Read an access group Read get_access_group_project Read an access group project Read get_alias Retrieves an Alias for the given host name or alias ID Read get_artifact_status Check the status of Remote Caching for this principal Read get_attack_status Retrieve active attack data within the last 24h window Read get_auth_token Retrieve metadata about an authentication token Read get_cert Get certificate by ID Read get_deployment Get deployment by ID or URL Read get_deployment_events Get build logs and events for a deployment Read get_deployment_file Get contents of a specific deployment file Read get_domain Get domain information Read get_edge_config Get an Edge Config Read get_edge_config_backup Get Edge Config Backup Read get_edge_config_item Get an Edge Config Item Read get_edge_config_schema Get Edge Config Schema Read get_edge_config_token Get Edge Config Token Read get_env Get an environment variable Read get_environment Retrieve a custom environment Read get_firewall_bypass Retrieve the system bypass rules Read get_firewall_config Retrieve the firewall configuration Read get_marketplace_account Get marketplace account information Read get_marketplace_invoice Get marketplace invoice details Read get_marketplace_member Get marketplace member information Read get_project_domain Get project domain by project id/name and domain name Read get_promotion_aliases Get promotion aliases Read get_secret Get information for a specific secret Read get_team Get information for a specific team Read get_user Retrieves information related to the currently authenticated User Read get_webhook Get a webhook Read int_get Retrieve an integration configuration Read int_gitns List git namespaces by provider Read int_list Get configurations for the authenticated user or team Read int_search_repo List git repositories linked to namespace Read list_access_group_members List members of an access group Read list_access_group_projects List projects of an access group Read list_access_groups List access groups for a team, project or member Read list_aliases Retrieves a list of aliases for the authenticated User or Team Read list_auth_tokens Retrieve a list of the current User Read list_deployment List deployments under the authenticated user or team Read list_deployment_aliases Retrieves all Aliases for the Deployment with the given ID Read list_deployment_files Get file structure of a deployment Read list_deployments List deployments for a project Read list_dns_records Retrieves a list of DNS records created for a domain name Read list_domains List all domains for a project Read list_edge_config_backups List Edge Config Backups Read list_edge_config_items List Edge Config Items Read list_edge_config_tokens List Edge Config Tokens Read list_edge_configs List all Edge Configs Read list_env List all environment variables Read list_environments List custom environments for a project Read list_project_members Lists all members of a project Read list_projects List all projects from Vercel. Commands: Read list_secrets List all secrets Read list_team_members Get a list of team members Read list_teams Get a list of all teams the authenticated user is a member of Read list_user_events Retrieves a list of events generated by the User on Vercel Read list_webhooks Get a list of webhooks Read logdrain_get Retrieves a configurable log drain Read logdrain_list Retrieves a list of all log drains Read logdrain_list_integration Retrieves a list of integration log drains Read query_artifacts Query information about an array of artifacts

RELATED SERVERS

Other MCP servers with similar tools — same risk classification, starter policies for each.

BNB Chain MCP 1240 tools
paymentsadmin
Binance MCP Server 734 tools
paymentsadmin
GoHighLevel MCP Server 566 tools
paymentsadmin
0nmcp 407 tools
paymentsadmin
TheProtocol — Sovereign AI Agent Platform 380 tools
paymentsadmin
Ebay 332 tools
paymentsadmin
Aibtc 327 tools
paymentsadmin
Unity MCP Server 324 tools
paymentsadmin

FAQ

Can an AI agent move money through the Vercel MCP Server MCP server? +

Yes. The Vercel MCP Server server exposes 6 financial tools including domain_buy, marketplace_invoice_action, domain_register. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

Can an AI agent delete data through the Vercel MCP Server MCP server? +

Yes. The Vercel MCP Server server exposes 26 destructive tools including cancel_deployment, delete_access_group, delete_access_group_project. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Vercel MCP Server? +

The Vercel MCP Server server has 49 write tools including accept_project_transfer, request_project_transfer, pause_project. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Vercel MCP Server.

How many tools does the Vercel MCP Server MCP server expose? +

154 tools across 4 categories: Destructive, Financial, Read, Write. 69 are read-only. 85 can modify, create, or delete data.

How do I enforce a policy on Vercel MCP Server? +

Register the Vercel MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Vercel MCP Server tool call.

Deterministic rules across all 154 Vercel MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON VERCEL →

Free to start. No card required.

154 Vercel MCP Server tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.