SpherePay

24 tools. 8 can modify or destroy data without limits.

4 destructive tools with no built-in limits. Policy required.

Last updated:

8 can modify or destroy data
16 read-only
24 tools total

Community server · catalogue entry verified 01/07/2026

How to control SpherePay ↓

What SpherePay exposes to your agents

Read (16) Write / Execute (4) Destructive / Financial (4)
Critical Risk

The most dangerous SpherePay tools

8 of SpherePay's 24 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control SpherePay

PolicyLayer is an MCP gateway — it sits between your AI agents and SpherePay, and nothing reaches the server without passing your rules. These are the rules we recommend:

Block financial tools by default
{
  "execute_transfer": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Rate limit write operations
{
  "create_webhook": {
    "limits": [
      {
        "counter": "create_webhook_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_bank_account": {
    "limits": [
      {
        "counter": "get_bank_account_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register SpherePay — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SPHEREPAY →

Instant setup, no code required.

All 24 SpherePay tools

READ 16 tools
Read get_bank_account Retrieve a SpherePay bank account by ID. Returns account details including status. Read get_customer Retrieve a SpherePay customer by ID. Returns customer details including verification status. Read get_event Retrieve a SpherePay event by ID. Returns event details including type, payload, and webhook delivery records. Read get_offloader_wallet Retrieve a SpherePay offloader wallet by ID. Returns wallet details and off-ramp configuration. Read get_transfer Retrieve a SpherePay transfer by ID. Returns transfer details including status. Read get_virtual_account Retrieve a SpherePay virtual account by ID. Returns account details including deposit instructions. Read get_wallet Retrieve a SpherePay wallet by ID. Returns wallet details including address and network. Read get_webhook Retrieve a SpherePay webhook by ID. Returns webhook details including delivery status and subscribed events. Read list_bank_accounts List SpherePay bank accounts with pagination. Optionally filter by customer_id. Read list_customers List SpherePay customers with pagination. Returns paginated customer list. Read list_offloader_wallets List SpherePay offloader wallets with pagination. Read list_transfers List SpherePay transfers with pagination and optional filters. Read list_virtual_account_transfers List transfers for a specific virtual account. Shows deposit activity and conversion history. Read list_virtual_accounts List SpherePay virtual accounts with pagination. Read list_wallets List SpherePay wallets with pagination. Optionally filter by customer_id. Read verify_customer verify_customer

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about SpherePay

Can an AI agent move money through the SpherePay MCP server? +

Yes. The SpherePay server exposes 4 financial tools including execute_transfer, setup_funding, setup_offloader_wallet. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

How do I prevent bulk modifications through SpherePay? +

The SpherePay server has 4 write tools including create_webhook, onboard_business_rep, onboard_customer. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach SpherePay.

How many tools does the SpherePay MCP server expose? +

24 tools across 3 categories: Financial, Read, Write. 16 are read-only. 8 can modify, create, or delete data.

How do I enforce a policy on SpherePay? +

Register the SpherePay MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every SpherePay tool call.

Deterministic rules across all 24 SpherePay tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

24 SpherePay tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.