Google Workspace Compliance Audit Tool

28 tools. 1 can modify or destroy data without limits.

1 write tool that can modify data. Rate limits recommended.

Last updated:

1 can modify or destroy data
27 read-only
28 tools total

Community server · catalogue entry verified 29/06/2026

How to control Google Workspace Compliance Audit Tool ↓

What Google Workspace Compliance Audit Tool exposes to your agents

Read (27) Write / Execute (1) Destructive / Financial (0)
High Risk

The most dangerous Google Workspace Compliance Audit Tool tools

1 of Google Workspace Compliance Audit Tool's 28 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Google Workspace Compliance Audit Tool

PolicyLayer is an MCP gateway — it sits between your AI agents and Google Workspace Compliance Audit Tool, and nothing reaches the server without passing your rules. These are the rules we recommend:

Cap read operations
{
  "check_2fa_enforcement_method": {
    "limits": [
      {
        "counter": "check_2fa_enforcement_method_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Google Workspace Compliance Audit Tool — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.

All 28 Google Workspace Compliance Audit Tool tools

READ 27 tools
Read check_2fa_enforcement_method Check the 2FA enforcement method and allowed second factors (security key, phone, etc.) Read check_2fa_status Check if 2FA is enforced for all users in the domain Read check_admin_roles List all users with admin privileges and their role assignments Read check_advanced_protection Check Advanced Protection Program enrollment settings. APP provides the strongest account security for high-ri Read check_api_access Check third-party API access and OAuth app permissions Read check_audit_log_settings Check audit log retention and monitoring configuration Read check_baa_status Check HIPAA Business Associate Agreement (BAA) status. Only relevant for HIPAA compliance. Read check_calendar_external_sharing_policy Check the organization-wide calendar external sharing policy via Policy API. Read check_calendar_sharing Check calendar external sharing settings Read check_chat_external_restrictions Check Google Chat external messaging restrictions. Controls who users can message outside the organization. Read check_data_regions Check data residency and storage regions Read check_email_authentication Check SPF, DKIM, and DMARC email authentication status Read check_email_forwarding Check for email forwarding rules to external addresses Read check_external_sharing Check external sharing settings and restrictions Read check_groups_external_members Check for Google Groups that include external members Read check_inactive_accounts Identify user accounts that have not logged in for 90+ days Read check_less_secure_apps Check if less secure app access is blocked. Less secure apps use basic authentication which is vulnerable to c Read check_license_utilization Check license assignment and utilization Read check_meet_safety Check Google Meet safety settings including host controls and external participant restrictions. Read check_mobile_devices Check mobile device management enrollment and encryption status Read check_password_policy Check password strength and policy requirements Read check_session_settings Check session length and timeout settings Read check_shared_drives Check shared drive permissions and external access Read check_storage_usage Check storage quota usage across users Read check_super_admin_recovery Check super admin account recovery settings. Weak recovery settings can be exploited to take over admin accoun Read check_suspicious_activity Check for recent security alerts and suspicious login attempts Read generate_comprehensive_report Generate a comprehensive compliance audit report from collected findings. Supports multiple frameworks.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Google Workspace Compliance Audit Tool

Is the Google Workspace Compliance Audit Tool MCP server safe to use without restrictions? +

The Google Workspace Compliance Audit Tool server is primarily read-only with 27 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.

How many tools does the Google Workspace Compliance Audit Tool MCP server expose? +

28 tools across 3 categories: Execute, Read, Write. 27 are read-only. 1 can modify, create, or delete data.

How do I enforce a policy on Google Workspace Compliance Audit Tool? +

Register the Google Workspace Compliance Audit Tool MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Google Workspace Compliance Audit Tool tool call.

Deterministic rules across all 28 Google Workspace Compliance Audit Tool tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

28 Google Workspace Compliance Audit Tool tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.