// SCAN REPORT

ReverseCraft DevTools MCP

46 tools. 29 can modify or destroy data without limits.

7 destructive tools with no built-in limits. Policy required.

Last updated:

29 can modify or destroy data
17 read-only
46 tools total

Community server · catalogue entry verified 12/06/2026

How to control ReverseCraft DevTools MCP ↓

TOOL MAP

What ReverseCraft DevTools MCP exposes to your agents

Read (17) Write / Execute (22) Destructive / Financial (7)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous ReverseCraft DevTools MCP tools

Destructive · Medium clear_cookies Clearing cookies is a destructive, irreversible action that permanently removes authentication tokens, session data, and other stored cookies. Destructive · Medium clear_persistent_scripts This tool irreversibly removes all persistent scripts at once — a bulk deletion operation. Destructive · Medium clear_script_replacements The tool removes all script replacement rules at once with no indication of reversibility or undo capability. Destructive · Medium remove_persistent_script This tool permanently removes a registered persistent script, which is an irreversible deletion of a configured automation artifact.

29 of ReverseCraft DevTools MCP's 46 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control ReverseCraft DevTools MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and ReverseCraft DevTools MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "clear_cookies": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "clear_all_breakpoints": {
    "limits": [
      {
        "counter": "clear_all_breakpoints_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "analyze_call_graph": {
    "limits": [
      {
        "counter": "analyze_call_graph_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register ReverseCraft DevTools MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON REVERSECRAFT DEVTOOLS →

Free to start. No card required.

FULL CATALOGUE

All 46 ReverseCraft DevTools MCP tools

DESTRUCTIVE 7 tools
Destructive clear_cookies Clear browser cookies for all sites or a specific domain. Destructive clear_persistent_scripts Remove all registered persistent scripts for the current page at once. This is useful for quickly resetting t Destructive clear_script_replacements Remove all script replacement rules for the current page. Destructive remove_persistent_script Remove a previously registered persistent script by its identifier. After removal, the script will no longer Destructive remove_script_replacement Remove a script replacement rule by its ID. Destructive remove_xhr_breakpoint Remove a previously set XHR/Fetch breakpoint by its URL pattern, or remove all XHR breakpoints. Destructive close_page Closes the page by its index. The last open page cannot be closed.
EXECUTE 14 tools
Execute navigate_page Navigates the currently selected page to a URL. Execute new_page Creates a new page Execute evaluate_on_call_frame Evaluate a JavaScript expression in the context of a specific call frame when paused. Execute evaluate_script Evaluate JavaScript code inside the currently selected page, similar to DevTools Console. Execute step_into Step into a function call at the current line. Execute step_out Step out of the current function to return to the caller. Execute step_over Step over to the next line of code without stepping into function calls. Execute add_persistent_script Register a JavaScript script to execute automatically on every page load. This is useful for persistent hooks Execute click Clicks on the provided element Execute press_key Press a key or key combination for keyboard shortcuts and navigation keys. Execute replace_script Replace a JavaScript code snippet in scripts matching a URL pattern. Uses network interception to modify scrip Execute resume_execution Resume JavaScript execution after hitting a breakpoint. Execute set_breakpoint Set a JavaScript breakpoint at a specific line in a file matching a URL pattern. Supports smart snapping for m Execute set_xhr_breakpoint Set an XHR/Fetch breakpoint that pauses execution when a request URL contains the specified substring.
WRITE 8 tools
Write clear_all_breakpoints Remove all active JavaScript breakpoints on the current page. Write remove_breakpoint Remove a previously set JavaScript breakpoint by its CDP breakpoint ID. Write disable_debugger Disable the JavaScript debugger on the current page and remove all breakpoints. Write fill Type text into a input, text area or select an option from a <select> element. Write save_network_request Save a network request and response to a local file in raw HTTP format. Write save_scope_variables Save all scope variables from the current debug context to a JSON file. Write save_script_source Save a script source to a local file. Use VM<id> pattern to match by scriptId, otherwise matches by URL substr Write save_static_resource Save a static resource from a network request to a local file. File extension is automatically determined.
READ 17 tools
Read analyze_call_graph Analyze the call graph for a specific JavaScript function to understand its callers and callees. Read get_console_message Gets a console message by its ID. You can get all messages by calling ${listConsoleMessages.name}. Read get_debugger_status Get the current status of the JavaScript debugger including call stack, code context, and scope variables. Read get_network_request Get a network request by reqid, or the currently selected request in DevTools if omitted. Read get_possible_breakpoints Discover all valid breakpoint locations in a script at a specific line. Useful for minified code. Read get_scope_variables Get detailed variable information from a specific scope when paused at a breakpoint. Read list_breakpoints List all active JavaScript breakpoints on the current page. Read list_console_messages List all console messages for the currently selected page since the last navigation. Read list_network_requests List all requests for the currently selected page since the last navigation. Read list_pages Get a list of pages open in the browser. Read list_persistent_scripts List all registered persistent scripts for the current page. Shows each script Read list_script_replacements List all active script replacement rules for the current page. Read list_xhr_breakpoints List all active XHR/Fetch breakpoints. Read search_network_requests Search network requests by URL pattern, HTTP method, status code, content type, or content body. Read take_screenshot Take a screenshot of the page or element. Read take_snapshot Take a text snapshot of the currently selected page based on the a11y tree. Lists page elements with unique id Read select_page Select a page as a context for future tool calls.
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
adminautomation
Mcp Afip 1300 tools
adminautomation
Mcp Ap2 1300 tools
adminautomation
BNB Chain MCP 1240 tools
adminautomation
Nodebench 824 tools
adminautomation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
adminautomation
Amazon Data Processing MCP Server 805 tools
adminautomation
Amazon ECS MCP Server 805 tools
adminautomation
FAQ

Questions about ReverseCraft DevTools MCP

Can an AI agent delete data through the ReverseCraft DevTools MCP server? +

Yes. The ReverseCraft DevTools MCP server exposes 7 destructive tools including clear_cookies, clear_persistent_scripts, clear_script_replacements. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through ReverseCraft DevTools MCP? +

The ReverseCraft DevTools MCP server has 8 write tools including clear_all_breakpoints, remove_breakpoint, disable_debugger. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach ReverseCraft DevTools MCP.

How many tools does the ReverseCraft DevTools MCP server expose? +

46 tools across 4 categories: Destructive, Execute, Read, Write. 17 are read-only. 29 can modify, create, or delete data.

How do I enforce a policy on ReverseCraft DevTools MCP? +

Register the ReverseCraft DevTools MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every ReverseCraft DevTools MCP tool call.

Deterministic rules across all 46 ReverseCraft DevTools MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON REVERSECRAFT DEVTOOLS →

Free to start. No card required.

46 ReverseCraft DevTools MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.