Smokeball

189 tools. 98 can modify or destroy data without limits.

29 destructive tools with no built-in limits. Policy required.

Last updated:

98 can modify or destroy data
91 read-only
189 tools total

Community server · catalogue entry verified 02/07/2026

How to control Smokeball ↓

What Smokeball exposes to your agents

Read (91) Write / Execute (69) Destructive / Financial (29)
Critical Risk

The most dangerous Smokeball tools

98 of Smokeball's 189 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Smokeball

PolicyLayer is an MCP gateway — it sits between your AI agents and Smokeball, and nothing reaches the server without passing your rules. These are the rules we recommend:

Block financial tools by default
{
  "create_requisition": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations
{
  "delete_activity_code": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add_contact_tags": {
    "limits": [
      {
        "counter": "add_contact_tags_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_activity_code": {
    "limits": [
      {
        "counter": "get_activity_code_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Smokeball — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SMOKEBALL →

Instant setup, no code required.

All 189 Smokeball tools

DESTRUCTIVE 25 tools
Destructive delete_activity_code Delete an activity code by ID. Destructive delete_authorization_group Delete an authorization group by ID. Destructive delete_contact Delete a contact by ID. Destructive delete_contact_relation Delete a relationship from a contact. Destructive delete_event Delete a calendar event by ID. Destructive delete_event_reminder Delete an event reminder. Destructive delete_expense Delete an expense entry by ID. Destructive delete_fee Delete a fee entry by ID. Destructive delete_file Delete a file by ID. Destructive delete_firm_user_mapping Delete a firm user mapping by ID. Destructive delete_folder Delete a folder by ID. Destructive delete_lead Delete a lead by ID. Destructive delete_matter Delete a matter by ID. Destructive delete_memo Delete a memo by ID. Destructive delete_plugin Delete a plugin by ID. Destructive delete_staff_member Delete a staff member by ID. Destructive delete_subtask Delete a subtask. Destructive delete_task Delete a task by ID. Destructive delete_task_document Remove a document attachment from a task. Destructive delete_webhook_subscription Delete a webhook subscription by ID. Destructive remove_contact_tags Remove a tag from a contact. tag_id: the ID of the tag to remove. Destructive remove_layout_from_matter Remove a layout instance from a matter. Destructive remove_relationship_from_role Remove a contact relationship from a role on a matter. Destructive remove_role_from_matter Remove a role from a matter. Destructive remove_user Remove a user from the firm.
WRITE 67 tools
Write add_contact_tags Add tags to a contact. tags_csv: comma-separated tag strings. Write add_contact_to_layout Add a contact to a layout instance (for merge field population). Write add_file_to_matter Register a new file on a matter (get upload URL separately). Write add_files_to_matter_batch Add multiple files to a matter in one request. files_csv: comma-separated file names. Write add_layout_to_matter Add a layout design instance to a matter for document generation. Write add_matter_tags Add tags to a matter. tags_json: JSON array of tag objects, each with keys: Write add_relationship_to_role Add a contact relationship to a role on a matter. Write add_role_to_matter Add a role to a matter. contact_id: associate a contact to this role. Write archive_matter Archive a matter. Write create_activity_code Create a billing activity code. Write create_authorization_group Create an authorization group. Write create_authorization_policy Create an authorization policy. permissions_csv: comma-separated permission strings. Write create_contact Create a contact. contact_type: 'person' (default) or 'company'. Write create_contact_relation Create a relationship between two contacts. Write create_event Create a calendar event. start_date/end_date: ISO 8601 datetime. Write create_event_reminder Create a reminder for an event. reminder_type: Notification | Email. Write create_expense Create an expense entry. date: YYYY-MM-DD. amount: dollar value. Write create_fee Create a fee (time entry). date: YYYY-MM-DD. duration_minutes: time spent. Write create_file_preview_request Request generation of a preview (thumbnail/rendition) for a file. Write create_folder Create a folder in a matter. parent_folder_id: omit for root. Write create_lead Create a lead (created as a matter with isLead=true via POST /matters). Write create_matter Create a matter. Write create_memo Create a memo (note) on a matter. Write create_notification Send a notification to a user or the firm. Write create_plugin Register a new plugin integration. Write create_portal_task Create a client portal task (visible to client). due_date: YYYY-MM-DD. Write create_staff_member Create a new staff member. Write create_subtask Create a subtask under a task. Write create_task Create a task. due_date: ISO 8601 (YYYY-MM-DD). assigned_to_id: staff ID. Write create_task_document Attach a file to a task. file_id: from files API. Write create_user Create a new user (invite to the firm). Write create_webhook_subscription Create a webhook subscription. event_type: from list_webhook_event_types. Write patch_expense Toggle an expense entry's billable or billed state (PATCH). Use 'true' or 'false'. Write patch_fee Toggle a fee entry's billable or billed state (PATCH). Use 'true' or 'false'. Write patch_file Update file metadata (name, folder). Write patch_folder Move a folder to a different parent. Write patch_lead Partially update a lead status or assignment (PATCH). Use update_lead for notes. Write patch_matter Partially update a matter status or stage (PATCH). Use update_matter for name/description. Write patch_matter_archive Update archive metadata fields on a matter (PATCH). destruction_date: YYYY-MM-DD. Write remove_matter_tags Remove a tag from a matter. tag_id: the ID of the tag to remove. Write resend_user_invitation Resend an invitation email to a user. Write send_portal_message Send a message to a client via the Smokeball client portal. Write unarchive_matter Unarchive a matter. Write update_activity_code Update an activity code. Write update_authorization_group Update an authorization group. Write update_authorization_policy Update an authorization policy. permissions_csv: comma-separated permission strings. Write update_contact Update a contact's details. Write update_contact_relation Update a contact relationship type. Write update_event Update a calendar event. Write update_event_reminder Update an event reminder's lead time. Write update_expense Update an expense entry. billable: 'true' or 'false' to set; leave empty to skip. Write update_fee Update a fee entry. billable: 'true' or 'false' to set; leave empty to skip. Write update_firm Update firm profile fields. Only pass fields you want to change. Write update_firm_user_mapping Update a firm user mapping (link a staff member to a system user). Write update_folder Rename a folder. Write update_lead Update a lead's status or notes. Write update_matter Update a matter's name, status, or description. Write update_matter_billing_configuration Update billing configuration for a matter. billing_type: Hourly | Fixed | Contingency. Write update_memo Update a memo's content or subject. Write update_plugin Update a plugin's details. Write update_portal_task Update a client portal task status or title. completed_str: 'true' or 'false'. Write update_relationship Update a contact relationship on a matter role. Write update_role_on_matter Update a role on a matter. Write update_staff_member Update a staff member's details. Write update_subtask Update a subtask. completed_str: 'true' to mark done, 'false' to unmark. Write update_task Update a task. completed_str: 'true' to mark done, 'false' to unmark. Write update_webhook_subscription Update a webhook subscription URL or active state. active: 'true' or 'false'.
READ 91 tools
Read get_activity_code Get an activity code by ID. Read get_authorization_group Get an authorization group by ID. Read get_authorization_policy Get an authorization policy by reference. Read get_bank_account Get a bank account by ID. Read get_bank_account_matter_balances Get per-matter balances for a bank account (trust accounting). Read get_contact Get a contact by ID. Read get_contact_relation Get a specific relationship for a contact. Read get_contact_relations Get all relationships for a contact. Read get_contact_tags Get tags on a contact. Read get_event Get a calendar event by ID. Read get_event_reminders Get all reminders for a calendar event. Read get_expense Get an expense entry by ID. Read get_fee Get a fee entry by ID. Read get_file Get file metadata by ID. Read get_file_download_url Get a pre-signed download URL for a file. Read get_file_history Get file version history for a matter. Read get_file_preview_info Get preview info (status and URL) for a file. Read get_file_preview_info_by_version Get preview info for a specific version of a file. Read get_file_upload_url Get a pre-signed upload URL for a file version. Read get_firm Get this firm's profile and settings. Read get_firm_user_mapping Get a specific firm user mapping by ID. Read get_firm_user_mappings List all user mappings for this firm. Read get_folder_contents Get the contents of a specific folder on a matter. Read get_folder_history Get folder activity history for a matter. Read get_folder_path_hierarchy Get the full path hierarchy (breadcrumb) to a folder. Read get_invoice Get an invoice by ID. Read get_invoice_download_url Get a download URL for an invoice PDF. Read get_layout_contacts Get contacts associated with a layout instance. Read get_layout_design Get a layout design by ID. Read get_layout_on_matter Get a specific layout instance on a matter. Read get_lead Get a lead by ID. Read get_matter Get a matter by ID. Read get_matter_archive Get archive status and metadata for a matter. Read get_matter_billing_configuration Get billing configuration for a matter. Read get_matter_item Get a specific item on a matter. Read get_matter_stage Get the current stage of a matter. Read get_matter_tags Get tags on a matter. Read get_matter_type Get a matter type by ID. Read get_memo Get a memo by ID. Read get_notification Get a notification by ID. Read get_plugin Get a plugin by ID. Read get_plugin_subscription Get a specific plugin subscription by ID. Read get_plugin_url Request the launch URL for a plugin (for embedded iframe display). Read get_protected_bank_account_balance Get the protected (reserved) balance for a bank account. Read get_referral_type Get a referral type by ID. Read get_relationship_on_role Get the contact relationship for a specific role on a matter. Read get_relationships_on_matter Get all contact relationships on a matter. Read get_role_on_matter Get a specific role on a matter. Read get_roles_on_matter List all roles assigned to a matter. Read get_root_folder_contents Get the root folder contents for a matter. Read get_search_mapping Get the integrated search field mapping (what fields are indexed for search). Read get_staff_member Get a staff member by ID. Read get_stage_in_set Get a specific stage within a stage set. Read get_stage_set Get a specific stage set by ID. Read get_subtask Get a specific subtask. Read get_subtasks Get all subtasks for a task. Read get_task Get a task by ID. Read get_task_document Get a specific document attached to a task. Read get_task_documents Get documents attached to a task. Read get_transaction Get a specific transaction from a bank account. Read get_user Get a user by ID. Read get_webhook_subscription Get a webhook subscription by ID. Read list_activity_codes List billing activity codes configured for this firm. Read list_authorization_groups List all authorization groups for this firm. Read list_bank_accounts List bank accounts (trust, operating) for this firm. Read list_contacts List contacts with offset pagination. Read list_events List calendar events. Filter by matter_id for matter-specific events. Read list_expenses List expense entries. Filter by matter_id for matter-specific expenses. Read list_fees List fee entries (billable time). Filter by matter_id for matter-specific fees. Read list_files_on_matter List files attached to a matter. Read list_invoices List invoices. Filter by matter_id for matter-specific invoices. Read list_layout_designs List all layout designs (document templates) available for this firm. Read list_layouts_on_matter List all layout instances on a matter (document merge records). Read list_leads List leads (potential new clients/matters). Read list_matter_items List all items (checklist items, workflow steps) on a matter. Read list_matter_stage_mappings List all matter-to-stage mappings. Read list_matter_type_categories List all matter type categories. Read list_matter_types List all matter types configured for this firm. Read list_matters List matters with offset pagination. Read list_memos_on_matter List memos (notes) on a matter. Read list_plugin_subscriptions List all active plugin subscriptions for this firm. Read list_plugins List all available plugins for this firm. Read list_referral_types List referral source types configured for this firm. Read list_stage_sets List all stage sets (workflow stage groups). Read list_tasks List tasks. Filter by matter_id to get matter-specific tasks. Read list_transactions List transactions for a bank account. Read list_webhook_event_types List all available webhook event types. Read list_webhook_subscriptions List all active webhook subscriptions. Read search_staff Search staff members. query: name or email fragment. Read subscribe_to_plugin Subscribe this firm to a plugin. Read unsubscribe_from_plugin Unsubscribe this firm from a plugin.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Smokeball

Can an AI agent move money through the Smokeball MCP server? +

Yes. The Smokeball server exposes 4 financial tools including create_requisition, create_transaction, protect_funds. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

Can an AI agent delete data through the Smokeball MCP server? +

Yes. The Smokeball server exposes 25 destructive tools including delete_activity_code, delete_authorization_group, delete_contact. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Smokeball? +

The Smokeball server has 67 write tools including add_contact_tags, add_contact_to_layout, add_file_to_matter. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Smokeball.

How many tools does the Smokeball MCP server expose? +

189 tools across 3 categories: Destructive, Read, Write. 91 are read-only. 98 can modify, create, or delete data.

How do I enforce a policy on Smokeball? +

Register the Smokeball MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Smokeball tool call.

Deterministic rules across all 189 Smokeball tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

189 Smokeball tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.