// SCAN REPORT

MCP DevTools Server

79 tools. 53 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

53 can modify or destroy data
26 read-only
79 tools total

Community server · catalogue entry verified 12/06/2026

How to control MCP DevTools Server ↓

TOOL MAP

What MCP DevTools Server exposes to your agents

Read (26) Write / Execute (52) Destructive / Financial (1)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous MCP DevTools Server tools

Destructive · High repo_sync The 'cleanup merged branches' portion of this tool's action is irreversible — deleting local (and potentially remote) branches that have been merged. Execute · High python_venv This tool spans multiple categories. Execute · High lint_all This tool executes linting commands on a project, which involves running external processes and triggering operations whose side effects (output reports, potential modifications to configuration, etc.) depend on project Execute · Medium commitlint This tool executes an external command (commitlint) as part of development workflow automation.

53 of MCP DevTools Server's 79 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control MCP DevTools Server

PolicyLayer is an MCP gateway — it sits between your AI agents and MCP DevTools Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "repo_sync": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "ensure_newline": {
    "limits": [
      {
        "counter": "ensure_newline_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "actionlint": {
    "limits": [
      {
        "counter": "actionlint_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register MCP DevTools Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON MCP DEVTOOLS →

Free to start. No card required.

FULL CATALOGUE

All 79 MCP DevTools Server tools

DESTRUCTIVE 1 tools
Destructive repo_sync Sync with remote and cleanup merged branches
EXECUTE 42 tools
Execute python_venv Manage Python virtual environments (create, delete, info, list packages) Execute commitlint Run commitlint to validate commit messages Execute eslint Run ESLint on JavaScript/TypeScript files Execute go_benchmark Run Go benchmarks to measure code performance Execute go_build Build Go packages with cross-compilation and custom build flags support Execute lint_all Run all available linters based on project type Execute lint_files Run custom linting rules on project files Execute make_build Run make build command to build the project Execute make_clean Run make clean command to clean build artifacts Execute make_depend Run make depend command to install or update dependencies Execute make_lint Run make lint command to check code style and quality Execute markdownlint Run markdownlint on markdown files Execute nodejs_benchmark Run performance benchmarks with Vitest, benchmark.js, or custom scripts Execute nodejs_build Run build script with package manager (npm/yarn/pnpm/bun) Execute nodejs_lint Run ESLint on Node.js/TypeScript code Execute nodejs_scripts Run or list npm scripts from package.json with caching Execute nodejs_security Run security audit with npm/yarn audit to detect vulnerabilities Execute onboarding_wizard Run intelligent zero-configuration onboarding wizard to detect project type, generate configuration, verify to Execute python_benchmark Run performance benchmarks using pytest-benchmark with statistical analysis Execute python_build Build Python packages (wheels and sdists) using modern python -m build Execute run_tests Run tests using the detected test framework Execute staticcheck Run staticcheck for enhanced Go static analysis Execute yamllint Run yamllint on YAML files Execute analyze_command Execute a command and analyze the result with AI-powered smart suggestions. Provides intelligent recommendatio Execute go_fmt Format Go code using gofmt Execute go_mod_download Download Go module dependencies Execute go_mod_tidy Tidy Go module dependencies Execute go_test Run Go tests with coverage and race detection Execute jq_query Process JSON data using jq filter syntax without requiring approval. Execute make_test Run make test command to execute project tests Execute nodejs_check_types Run TypeScript type checking Execute nodejs_profile Profile Node.js application performance using built-in Node.js profiler Execute nodejs_test Run Node.js tests with Jest, Vitest, or Mocha Execute python_format Format Python code using ruff format with check mode support Execute python_lint Lint Python code using ruff check with auto-fix support Execute python_profile Profile Python code performance using cProfile, py-spy, or memray Execute python_test Run Python tests using pytest with coverage reporting and test selection Execute stack_restack Rebase stack on latest changes Execute branch_checkout Checkout an existing branch Execute go_generate Run go generate to execute code generation directives Execute nodejs_install_deps Install Node.js dependencies with npm, yarn, pnpm, or bun Execute python_install_deps Install Python dependencies using uv, poetry, pipenv, or pip with package manager auto-detection
WRITE 10 tools
Write ensure_newline Validate and fix POSIX newline compliance. Checks if files end with proper Write nodejs_format Format code with Prettier Write branch_create Create a new stacked branch Write generate_config Generate MCP DevTools configuration preview based on project detection without writing to file Write generate_pr_message Generate a PR message based on Git changes Write go_work Manage Go workspaces (go.work files) Write nodejs_update_deps Update Node.js dependencies with support for different package managers Write python_update_deps Check for outdated packages and update dependencies safely with compatibility checking Write rollback_setup Rollback to a previous configuration from backup Write stack_submit Submit entire stack as pull requests
READ 26 tools
Read actionlint Validate GitHub Actions workflow files for syntax errors, invalid parameters, and best practices Read analyze_result Analyze an already-executed command result and generate smart suggestions. Useful for post-mortem analysis and Read check_conventions Check project conventions and architecture rules Read code_review Perform automated code review analysis on Git changes Read detect_project Analyze project and generate comprehensive profile including type, language, framework, build system, and tool Read dotenv_environment Load and parse environment variables from .env files, making them visible Read get_current_datetime Get current date and time with rich temporal context for LLM awareness. Provides human-readable format, timezo Read get_knowledge_base_stats Get statistics about the smart suggestions knowledge base, including total patterns and categorization. Read go_lint Lint Go code using golangci-lint with comprehensive configuration options Read go_project_info Get comprehensive Go project information and analysis Read go_vet Examine Go source code and report suspicious constructs Read go_vulncheck Scan for known vulnerabilities using govulncheck Read log_short View current stack visualization Read nodejs_compatibility Check Node.js version compatibility and validate against package.json engines field Read nodejs_package_info Fetch package information from npm registry including latest versions, compatibility, and peer dependencies to Read nodejs_project_info Get comprehensive Node.js project information (package.json, dependencies, frameworks) Read nodejs_version Get version information for Node.js tools (node, npm, yarn, pnpm, bun) with caching Read project_status Get overall project health and available make targets Read python_check_types Check Python types using pyright with watch and verbose mode support Read python_compatibility Check Python version compatibility using vermin and suggest syntax upgrades with pyupgrade Read python_project_info Analyze Python project configuration, dependencies, and structure (pyproject.toml, setup.py, requirements.txt Read python_security Scan for known vulnerabilities using bandit (code issues) and pip-audit (dependencies) Read python_version Get version information for Python tools (python, pip, uv, poetry, pyright, ruff, pytest) with caching Read recommend_mcp_servers Get intelligent recommendations for best-practice MCP servers based on project context. Suggests MCP servers l Read test_status Get project test status and recommendations Read validate_setup Validate existing MCP DevTools configuration and setup, checking commands, tools, and configuration validity
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
adminautomation
Mcp Afip 1300 tools
adminautomation
Mcp Ap2 1300 tools
adminautomation
BNB Chain MCP 1240 tools
adminautomation
Nodebench 824 tools
adminautomation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
adminautomation
Amazon Data Processing MCP Server 805 tools
adminautomation
Amazon ECS MCP Server 805 tools
adminautomation
FAQ

Questions about MCP DevTools Server

Can an AI agent delete data through the MCP DevTools Server MCP server? +

Yes. The MCP DevTools Server server exposes 1 destructive tools including repo_sync. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through MCP DevTools Server? +

The MCP DevTools Server server has 10 write tools including ensure_newline, nodejs_format, branch_create. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach MCP DevTools Server.

How many tools does the MCP DevTools Server MCP server expose? +

79 tools across 4 categories: Destructive, Execute, Read, Write. 26 are read-only. 53 can modify, create, or delete data.

How do I enforce a policy on MCP DevTools Server? +

Register the MCP DevTools Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every MCP DevTools Server tool call.

Deterministic rules across all 79 MCP DevTools Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MCP DEVTOOLS →

Free to start. No card required.

79 MCP DevTools Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.