// SCAN REPORT

Screenshotsmcp

56 tools. 20 can modify or destroy data without limits.

2 destructive tools with no built-in limits. Policy required.

Last updated:

20 can modify or destroy data
36 read-only
56 tools total
// TOOL MAP
Read (36) Write / Execute (18) Destructive / Financial (2)
// WHAT CAN GO WRONG

Destructive tools (browser_cookies, webhook_delete) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (browser_click, browser_click_at, browser_close) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (browser_evaluate, browser_navigate, browser_wait_for) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and Screenshotsmcp. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @relievedattention992-smithery/screenshotsmcp
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Deny destructive operations
browser_cookies:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
browser_click:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
accessibility_snapshot:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 56 SCREENSHOTSMCP TOOLS
DESTRUCTIVE 2 tools
Destructive browser_cookies Destructive webhook_delete
EXECUTE 4 tools
Execute browser_evaluate Execute browser_navigate Execute browser_wait_for Execute ux_review
WRITE 14 tools
Write browser_click Write browser_click_at Write browser_close Write browser_fill Write browser_press_key Write browser_scroll Write browser_select_option Write browser_set_viewport Write browser_storage Write create_test_inbox Write send_test_email Write smart_login Write webhook_create Write webhook_rotate
READ 36 tools
Read accessibility_snapshot Read auth_test_assist Read authorize_email_access Read browser_console_logs Read browser_get_accessibility_tree Read browser_get_html Read browser_get_text Read browser_go_back Read browser_go_forward Read browser_hover Read browser_network_errors Read browser_network_requests Read browser_perf_metrics Read browser_screenshot Read browser_seo_audit Read check_inbox Read find_breakpoints Read find_login_page Read get_screenshot_status Read list_recent_screenshots Read og_preview Read read_verification_email Read screenshot_batch Read screenshot_cross_browser Read screenshot_dark Read screenshot_diff Read screenshot_element Read screenshot_fullpage Read screenshot_pdf Read screenshot_responsive Read screenshot_tablet Read solve_captcha Read take_screenshot Read webhook_deliveries Read webhook_list Read webhook_test
// FAQ
Can an AI agent delete data through the Screenshotsmcp MCP server? +

Yes. The Screenshotsmcp server exposes 2 destructive tools including browser_cookies, webhook_delete. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Screenshotsmcp? +

The Screenshotsmcp server has 14 write tools including browser_click, browser_click_at, browser_close. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Screenshotsmcp MCP server expose? +

56 tools across 4 categories: Destructive, Execute, Read, Write. 36 are read-only. 20 can modify, create, or delete data.

How do I add Intercept to my Screenshotsmcp setup? +

One line change. Instead of running the Screenshotsmcp server directly, prefix it with Intercept: intercept -c relievedattention992-smithery-screenshotsmcp.yaml -- npx -y @relievedattention992-smithery/screenshotsmcp. Download a pre-built policy from policylayer.com/policies/relievedattention992-smithery-screenshotsmcp and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 310 tools
adminautomation
Aibtc 288 tools
adminautomation
Google Super 200 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Apiosk 160 tools
adminautomation
Mcp Sitecore 153 tools
adminautomation
SmartBear MCP 147 tools
adminautomation
policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.