// SCAN REPORT

Monarch

50 tools. 24 can modify or destroy data without limits.

3 destructive tools with no built-in limits. Policy required.

Last updated:

24 can modify or destroy data
26 read-only
50 tools total

Community server · catalogue entry verified 11/06/2026

How to control Monarch ↓

TOOL MAP

Read (26) Write / Execute (20) Destructive / Financial (3)

MOST DANGEROUS TOOLS

Critical Risk
Destructive · High delete_transaction This tool irreversibly deletes financial transaction records. Destructive · High delete_transaction_rule This tool irreversibly deletes data (a transaction rule) from the Monarch Money system. Destructive · Medium monarch_logout This tool irreversibly removes the stored session credentials from the system keyring. Execute · Medium refresh_accounts This tool triggers an external operation — initiating a refresh/sync request to financial institutions.

24 of Monarch's 50 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

HOW TO CONTROL MONARCH

PolicyLayer is an MCP gateway — it sits between your AI agents and Monarch, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "delete_transaction": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "split_transaction": {
    "limits": [
      {
        "counter": "split_transaction_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "check_auth_status": {
    "limits": [
      {
        "counter": "check_auth_status_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Monarch — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON MONARCH →

Free to start. No card required.

ALL 50 MONARCH TOOLS

DESTRUCTIVE 3 tools
Destructive delete_transaction Delete a transaction from Monarch Money. Warning: This action cannot be undone. Args: transa Destructive delete_transaction_rule Delete a transaction rule. Args: rule_id: The ID of the rule to delete (use get_transaction_rules Destructive monarch_logout Clear the stored Monarch Money session from the system keyring.
EXECUTE 1 tools
Execute refresh_accounts Request account data refresh from financial institutions. Args: account_ids: Specific account IDs
WRITE 19 tools
Write split_transaction Split a transaction into multiple parts with different categories/merchants. The sum of all split amounts Write bulk_categorize_transactions bulk_categorize_transactions Write add_transaction_tag Add a tag to a transaction, preserving any tags already on it. Args: transaction_id: The ID of th Write categorize_transaction Assign a category to a transaction. Args: transaction_id: The ID of the transaction to categorize Write create_transaction Create a new transaction in Monarch Money. Args: date: Transaction date in YYYY-MM-DD format Write create_transaction_category create_transaction_category Write create_transaction_rule create_transaction_rule Write create_transaction_tag create_transaction_tag Write mark_transaction_reviewed Mark a transaction as reviewed (clears the needs_review flag). Use this after reviewing a transaction tha Write monarch_login Sign in to Monarch Money. Opens a secure form in the client UI to collect email, password, and (if re Write monarch_login_with_token Sign in to Monarch Money using a browser-copied session token. Useful for SSO users who can't use passwor Write set_budget_amount set_budget_amount Write set_transaction_tags Set tags on a transaction. Note: This REPLACES all existing tags on the transaction. To add a tag, in Write update_category update_category Write update_merchant update_merchant Write update_transaction Update an existing transaction in Monarch Money. Args: transaction_id: The ID of the transaction Write update_transaction_notes Update the notes/memo for a transaction. Suggested format: [Receipt: URL] Description If receipt_url Write update_transaction_rule update_transaction_rule Write upload_account_balance_history upload_account_balance_history
READ 26 tools
Read check_auth_status Check if already authenticated with Monarch Money. Read debug_session_loading Debug keyring session loading issues. Read get_account_balance_history get_account_balance_history Read get_account_holdings Get investment holdings for a specific account. Args: account_id: The ID of the investment accoun Read get_accounts Get all financial accounts from Monarch Money. Read get_budgets Get budget information from Monarch Money. Args: start_date: Start date in YYYY-MM-DD format (def Read get_cashflow Get cashflow analysis from Monarch Money. Args: start_date: Start date in YYYY-MM-DD format Read get_cashflow_by_month get_cashflow_by_month Read get_category_details get_category_details Read get_merchant get_merchant Read get_net_worth get_net_worth Read get_net_worth_by_account_type get_net_worth_by_account_type Read get_recurring_transactions Get upcoming recurring transactions. Returns scheduled recurring transactions with their merchants, amoun Read get_spending_summary get_spending_summary Read get_transaction_categories Get all available transaction categories from Monarch Money. Read get_transaction_category_groups Get all transaction category groups (parent groupings for categories). Read get_transaction_details Get full details for a specific transaction. Returns comprehensive information including attachments, spl Read get_transaction_rules Get all transaction auto-categorization rules from Monarch Money. Returns a list of rules with their cond Read get_transaction_splits Get the splits for a transaction. Returns the split details if the transaction has been split into multip Read get_transaction_tags Get all available transaction tags from Monarch Money. Read get_transactions Get transactions from Monarch Money. Args: limit: Number of transactions to retrieve (default: 10 Read get_transactions_needing_review Get transactions that need review based on various criteria. This is the primary tool for finding transac Read get_transactions_summary Get a high-level summary of transactions. Returns quick statistics about your transactions without fetchi Read review_recurring_stream review_recurring_stream Read search_transactions Search and filter transactions with comprehensive filtering options. This is the most flexible transactio Read setup_authentication Get instructions for setting up secure authentication with Monarch Money.
OTHER 1 tools
Other main Main entry point for the server.

RELATED SERVERS

Other MCP servers with similar tools — same risk classification, starter policies for each.

BNB Chain MCP 1240 tools
admin
Binance MCP Server 734 tools
admin
Nodebench 724 tools
admin
AdButler 622 tools
admin
GoHighLevel MCP Server 566 tools
admin
UnClick 451 tools
admin
NowAIKit — ServiceNow AI Toolkit 446 tools
admin
Mcp Windows 441 tools
admin

FAQ

Can an AI agent delete data through the Monarch MCP server? +

Yes. The Monarch server exposes 3 destructive tools including delete_transaction, delete_transaction_rule, monarch_logout. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Monarch? +

The Monarch server has 19 write tools including split_transaction, bulk_categorize_transactions, add_transaction_tag. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Monarch.

How many tools does the Monarch MCP server expose? +

50 tools across 3 categories: Destructive, Read, Write. 26 are read-only. 24 can modify, create, or delete data.

How do I enforce a policy on Monarch? +

Register the Monarch MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Monarch tool call.

Deterministic rules across all 50 Monarch tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MONARCH →

Free to start. No card required.

50 Monarch tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.