Orihime

33 tools. 3 can modify or destroy data without limits.

3 write tools that can modify data. Rate limits recommended.

Last updated:

3 can modify or destroy data
30 read-only
33 tools total

Community server · catalogue entry verified 03/07/2026

How to control Orihime ↓

What Orihime exposes to your agents

Read (30) Write / Execute (3) Destructive / Financial (0)
High Risk

The most dangerous Orihime tools

3 of Orihime's 33 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Orihime

PolicyLayer is an MCP gateway — it sits between your AI agents and Orihime, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "generate_security_report": {
    "limits": [
      {
        "counter": "generate_security_report_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "blast_radius": {
    "limits": [
      {
        "counter": "blast_radius_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Orihime — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ORIHIME →

Instant setup, no code required.

All 33 Orihime tools

READ 30 tools
Read blast_radius blast_radius Read estimate_capacity estimate_capacity Read find_callees find_callees Read find_callers find_callers Read find_cascade_risk find_cascade_risk Read find_complexity_hints find_complexity_hints Read find_cross_service_taint find_cross_service_taint Read find_eager_fetches Find all EAGER fetch relationships — potential N+1 query sources. Read find_endpoint_callers find_endpoint_callers Read find_entry_points find_entry_points Read find_external_calls find_external_calls Read find_hotspots find_hotspots Read find_implementations Find all classes that directly implement the given interface (up to 10 hops via IMPLEMENTS). Read find_io_fanout find_io_fanout Read find_license_violations find_license_violations Read find_reachable_sinks find_reachable_sinks Read find_repo_dependencies find_repo_dependencies Read find_second_order_injection find_second_order_injection Read find_superclasses Walk the EXTENDS chain upward from the given class (BFS, max depth 10). Read find_taint_flows find_taint_flows Read find_taint_paths find_taint_paths Read find_taint_sinks find_taint_sinks Read get_file_location Get the source file path and line number for a method or class by FQN. Read list_branches list_branches Read list_endpoints list_endpoints Read list_entity_relations List all JPA entity relationships in a repo. Read list_repos List all indexed repositories with their stats. Read list_security_config list_security_config Read list_unresolved_calls list_unresolved_calls Read search_symbol search_symbol

Questions about Orihime

How do I prevent bulk modifications through Orihime? +

The Orihime server has 3 write tools including generate_security_report, index_repo_tool, ingest_perf_results. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Orihime.

How many tools does the Orihime MCP server expose? +

33 tools across 2 categories: Read, Write. 30 are read-only. 3 can modify, create, or delete data.

How do I enforce a policy on Orihime? +

Register the Orihime MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Orihime tool call.

Deterministic rules across all 33 Orihime tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

33 Orihime tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.