// SCAN REPORT

Pilot

61 tools. 36 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

36 can modify or destroy data
25 read-only
61 tools total

Community server · catalogue entry verified 11/06/2026

How to control Pilot ↓

TOOL MAP

Read (25) Write / Execute (35) Destructive / Financial (1)

MOST DANGEROUS TOOLS

Critical Risk
Destructive · High pilot_geolocation Set or clear the browser Execute · Low pilot_frame_reset This tool triggers a browser context switch (a state-changing operation within the Playwright browser automation environment) and clears all existing element references. Execute · Medium pilot_reload Reloading a browser page is an external browser action that triggers a network request and re-executes page scripts. Execute · High pilot_evaluate This tool executes arbitrary JavaScript code within the browser context, which is a classic Execute capability.

36 of Pilot's 61 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

HOW TO CONTROL PILOT

PolicyLayer is an MCP gateway — it sits between your AI agents and Pilot, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "pilot_geolocation": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "pilot_auth": {
    "limits": [
      {
        "counter": "pilot_auth_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "pilot_assert": {
    "limits": [
      {
        "counter": "pilot_assert_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Pilot — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON PILOT →

Free to start. No card required.

ALL 61 PILOT TOOLS

DESTRUCTIVE 1 tools
Destructive pilot_geolocation Set or clear the browser
EXECUTE 26 tools
Execute pilot_frame_reset Switch the browser context back to the main page frame after working inside an iframe. Use when the user wants Execute pilot_reload Reload the current page, waiting for DOM content to load. Use when the user wants to refresh the page, clear d Execute pilot_evaluate Execute a JavaScript expression or function in the browser page context and return the result. Use when the us Execute pilot_hover Hover the mouse over an element, triggering hover states, tooltips, and dropdown menus. Use when the user want Execute pilot_intercept Intercept network requests matching a URL pattern and respond with custom status, headers, and body. Use when Execute pilot_navigate Navigate the browser to a URL and wait for DOM content to load. Use when the user wants to go to a specific we Execute pilot_tab_new Open a new browser tab, optionally navigating to a URL. Use when the user wants to open a link in a new tab, c Execute pilot_wait Wait for a specific condition before proceeding — an element to appear, the network to become idle, or the pag Execute pilot_back Navigate back to the previous page in browser history. Use when the user wants to go back to the prior page th Execute pilot_block Block network requests matching URL patterns to speed up page loads and reduce token noise from ad/tracker con Execute pilot_cdp Connect Pilot to a real Chrome browser already running on the user Execute pilot_click Click an element on the page using a ref from pilot_snapshot or a CSS selector. Use when the user wants to pre Execute pilot_close Close the browser instance and release all associated resources. Use when the user wants to end the browsing s Execute pilot_drag Drag one element and drop it onto another element on the page. Use when the user wants to move an element, reo Execute pilot_forward Navigate forward to the next page in browser history. Use when the user wants to go forward after using pilot_ Execute pilot_frame_select Switch the browser context into an iframe so that pilot_snapshot, pilot_click, pilot_fill, and other tools ope Execute pilot_handle_dialog Configure automatic handling of native browser dialogs (alert, confirm, prompt) that would otherwise block pag Execute pilot_handoff Open a visible (headed) browser window preserving all current state — cookies, tabs, and localStorage. Use whe Execute pilot_press_key Press a keyboard key or key combination on the page. Use when the user wants to press Enter to submit a form, Execute pilot_resize Set the browser viewport size in pixels to simulate different screen resolutions. Use when the user wants to t Execute pilot_resume Resume automated control after a pilot_handoff session. Use when the user has finished manual interaction in t Execute pilot_scroll Scroll the page or a specific element into view. Use when the user wants to scroll down a long page, scroll to Execute pilot_select_option Select an option from a <select> dropdown element by value, label, or visible text. Use when the user wants to Execute pilot_set_useragent Set a custom browser User-Agent string, which recreates the browser context to apply the change while preservi Execute pilot_tab_select Switch the active browser context to a specific tab by its ID. Use when the user wants to work in a different Execute pilot_type Type text character-by-character into the currently focused element, simulating real keyboard input. Use when
WRITE 9 tools
Write pilot_auth Save, load, or clear browser session state (cookies + localStorage + sessionStorage) to/from a JSON file. Use Write pilot_file_upload Upload one or more files to a file input element on the page. Use when the user wants to attach files, upload Write pilot_fill Fill an input or textarea with new text, replacing any existing content. Use when the user wants to enter text Write pilot_import_cookies Import cookies from a real Chromium browser (Chrome, Arc, Brave, Edge, Comet) by decrypting the browser Write pilot_pdf Save the current page as a PDF document in A4 format. Use when the user wants to export the page as a download Write pilot_set_cookie Set a cookie on the current page Write pilot_set_header Set a custom HTTP request header that will be sent with all subsequent requests from the browser. Use when the Write pilot_storage Read or write browser web storage (localStorage and sessionStorage). Use when the user wants to inspect stored Write pilot_tab_close Close a browser tab by its ID, or close the currently active tab if no ID is specified. Use when the user want
READ 25 tools
Read pilot_assert Assert a condition about the current page state and fail with a structured error if the assertion is not met. Read pilot_dialog Retrieve captured browser dialog messages (alert, confirm, prompt) from a circular buffer. Use when the user w Read pilot_network Retrieve network requests (XHR, fetch, navigation, static assets) from a circular buffer. Use when the user wa Read pilot_annotated_screenshot Take a PNG screenshot with red overlay boxes and ref labels at each @eN/@cN element position. Use when the use Read pilot_console Retrieve browser console messages (console.log, console.warn, console.error) from a circular buffer. Use when Read pilot_extension_status Check if the Pilot Chrome extension is connected and routing commands through the user Read pilot_find Find an element by visible text, label, placeholder, or role — without running a full snapshot. Use when you k Read pilot_frames List all frames (iframes) on the current page with their indices, names, and URLs. Use when the user wants to Read pilot_get Navigate to a URL and return its full readable content + interactive elements in one call. Use this as the pr Read pilot_page_attrs Get all HTML attributes of a specific element as a JSON object. Use when the user wants to inspect an element Read pilot_page_css Get the computed CSS property value for a specific element. Use when the user wants to check styling details ( Read pilot_page_html Get innerHTML of a selector/ref, or full page HTML if none provided. Read pilot_page_links Get all links on the page as text + href pairs. Read pilot_responsive Capture full-page screenshots at three standard responsive breakpoints — mobile (375x812), tablet (768x1024), Read pilot_screenshot Take a PNG screenshot of the current page or a specific element. Use when the user wants to capture what the p Read pilot_snapshot Capture an accessibility tree snapshot of the page with @eN refs for element selection. Use when the user want Read pilot_snapshot_diff Compare the current page state against the previously captured snapshot, showing a unified diff of what change Read pilot_tabs List all open browser tabs with their IDs, URLs, titles, and which tab is currently active. Use when the user Read pilot_clipboard Read from or write to the browser clipboard. Use when the user wants to read content that an app copied to cli Read pilot_cookies Retrieve all cookies for the current page context as a JSON array. Use when the user wants to inspect cookies, Read pilot_element_state Check the current state of an element — whether it is visible, hidden, enabled, disabled, checked, editable, o Read pilot_page_diff Generate a text diff comparing the visible content of two URLs — useful for comparing staging vs production, b Read pilot_page_forms Extract all form elements on the page as structured JSON with their types, names, IDs, and current values. Use Read pilot_page_text Extract clean text from the page (strips script/style/noscript/svg). Read pilot_perf Measure page load performance metrics from the Navigation Timing API. Use when the user wants to diagnose slow

RELATED SERVERS

Other MCP servers with similar tools — same risk classification, starter policies for each.

BNB Chain MCP 1240 tools
adminautomation
Binance MCP Server 734 tools
adminautomation
Nodebench 724 tools
adminautomation
GoHighLevel MCP Server 566 tools
adminautomation
UnClick 451 tools
adminautomation
NowAIKit — ServiceNow AI Toolkit 446 tools
adminautomation
Mcp Windows 441 tools
adminautomation
0nmcp 407 tools
adminautomation

FAQ

Can an AI agent delete data through the Pilot MCP server? +

Yes. The Pilot server exposes 1 destructive tools including pilot_geolocation. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Pilot? +

The Pilot server has 9 write tools including pilot_auth, pilot_file_upload, pilot_fill. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Pilot.

How many tools does the Pilot MCP server expose? +

61 tools across 4 categories: Destructive, Execute, Read, Write. 25 are read-only. 36 can modify, create, or delete data.

How do I enforce a policy on Pilot? +

Register the Pilot MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Pilot tool call.

Deterministic rules across all 61 Pilot tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON PILOT →

Free to start. No card required.

61 Pilot tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.