Synology MCP Server

70 tools. 17 can modify or destroy data without limits.

2 destructive tools with no built-in limits. Policy required.

Last updated:

17 can modify or destroy data
53 read-only
70 tools total

Community server · catalogue entry verified 02/07/2026

How to control Synology MCP Server ↓

What Synology MCP Server exposes to your agents

Read (53) Write / Execute (15) Destructive / Financial (2)
Critical Risk

The most dangerous Synology MCP Server tools

17 of Synology MCP Server's 70 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Synology MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Synology MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "delete_item": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add_download": {
    "limits": [
      {
        "counter": "add_download_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "check_dsm_update": {
    "limits": [
      {
        "counter": "check_dsm_update_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Synology MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SYNOLOGY →

Instant setup, no code required.

All 70 Synology MCP Server tools

READ 53 tools
Read check_dsm_update Check whether a DSM (operating system) update is available for the NAS. Read extract_archive Extract an archive (ZIP, etc.) into a destination folder. [control] Read get_active_connections List currently active connections to the NAS (who, from where, which protocol). Read get_autoblock_settings Get the auto-block policy (block IPs after failed login attempts). Read get_container_logs Get recent log lines for a Docker container. Read get_container_stats Get live CPU / memory / network / disk usage for a running container. Read get_ddns_status Get configured DDNS records (hostname, external IP, last update, status). Read get_directory_size Calculate the total size and item count of a folder (recursively). Read get_disk_info Get individual disk details: model, temperature, health (S.M.A.R.T.) and status. Read get_file_info Get detailed info (size, owner, timestamps) for one or more files/folders. Read get_file_md5 Compute the MD5 checksum of a file. Read get_file_services Get the enabled state and key settings of SMB, AFP, NFS and FTP file services. Read get_firewall_status Get firewall profile information. Read get_hibernation_settings Get disk hibernation (power-saving) settings. Read get_network_info Get network interfaces with IP addresses, link speed and status, plus gateway/DNS. Read get_notification_settings Get e-mail notification settings (enabled state, sender, SMTP). Read get_power_settings Get power-related hardware settings: power recovery, LED brightness, beep and power schedule. Read get_quickconnect_status Get QuickConnect configuration (enabled state and QuickConnect ID). Read get_resource_history Get recent Resource Monitor threshold events (CPU/RAM/IO spikes over time). Read get_resource_usage Get real-time CPU usage, memory usage and network throughput. Read get_security_scan_status Get the result of the Security Advisor scan (malware, network, system, updates). Read get_security_settings Get DSM security settings (session timeout, CSRF protection, IP checking). Read get_snmp_settings Get SNMP service settings. Read get_storage_info Get storage volumes: RAID type, filesystem, used/free space and health status. Read get_storage_pools Get storage pools with RAID type, status and data-scrubbing state. Read get_surveillance_info Get Surveillance Station info: version, camera count and licence usage. Read get_system_health Get overall system health: status, uptime, reboot-required flag and fan status. Read get_system_info Get NAS model, DSM version, hostname, uptime, RAM, temperature and serial number. Read get_system_logs Get recent system log entries. Read get_terminal_settings Get SSH / Telnet terminal access settings. Read get_time_settings Get the NAS time, timezone and NTP synchronization settings. Read get_ups_status Get UPS (uninterruptible power supply) status and configuration. Read list_backup_tasks List Hyper Backup tasks with their current state and target. Read list_cameras List Surveillance Station cameras with model, IP and status. Read list_certificates List installed TLS/SSL certificates with validity dates and assigned services. Read list_containers List all Docker / Container Manager containers with their state and image. Read list_docker_images List Docker images stored on the NAS, including whether an update is available. Read list_docker_projects List Docker Compose / Container Manager projects. Read list_downloads List Download Station tasks with progress, size and transfer speed. Read list_drive_connections List Synology Drive client connections (devices syncing with the NAS). Read list_files list_files Read list_groups List local user groups. Read list_packages List installed packages (apps) with their version and running status. Read list_photo_albums List albums in Synology Photos (personal space). Read list_processes List top running processes by CPU or memory usage. Read list_scheduled_tasks List scheduled tasks (cron jobs, scripts, scheduled backups, etc.). Read list_shared_folders List shared folders with their volume location and description (admin view). Read list_shares List all available shared folders (File Station view). Read list_usb_devices List USB devices connected to the NAS. Read list_users List local user accounts with description, email, 2FA and status. Read list_virtual_machines List Virtual Machine Manager guests with their state and resource allocation. Read search_files Search for files by name pattern within a folder. Read shutdown_nas Shut down (power off) the NAS. [control][power] Requires SYNOLOGY_ENABLE_POWER_CONTROL=true.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Synology MCP Server

Can an AI agent delete data through the Synology MCP Server MCP server? +

Yes. The Synology MCP Server server exposes 2 destructive tools including delete_item, delete_shared_folder. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Synology MCP Server? +

The Synology MCP Server server has 6 write tools including add_download, copy_move_item, create_folder. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Synology MCP Server.

How many tools does the Synology MCP Server MCP server expose? +

70 tools across 4 categories: Destructive, Execute, Read, Write. 53 are read-only. 17 can modify, create, or delete data.

How do I enforce a policy on Synology MCP Server? +

Register the Synology MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Synology MCP Server tool call.

Deterministic rules across all 70 Synology MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

70 Synology MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.