Clockify Time Tracking

112 tools. 64 can modify or destroy data without limits.

17 destructive tools with no built-in limits. Policy required.

Last updated:

64 can modify or destroy data
48 read-only
112 tools total

Community server · catalogue entry verified 02/07/2026

How to control Clockify Time Tracking ↓

What Clockify Time Tracking exposes to your agents

Read (48) Write / Execute (47) Destructive / Financial (17)
Critical Risk

The most dangerous Clockify Time Tracking tools

64 of Clockify Time Tracking's 112 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Clockify Time Tracking

PolicyLayer is an MCP gateway — it sits between your AI agents and Clockify Time Tracking, and nothing reaches the server without passing your rules. These are the rules we recommend:

Block financial tools by default
{
  "add_invoice_payment": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Requires human approval."
      }
    ]
  }
}

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations
{
  "delete_assignment": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "add_invoice_item": {
    "limits": [
      {
        "counter": "add_invoice_item_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "download_expense_receipt": {
    "limits": [
      {
        "counter": "download_expense_receipt_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Clockify Time Tracking — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON CLOCKIFY TIME TRACKING →

Instant setup, no code required.

All 112 Clockify Time Tracking tools

WRITE 46 tools
Write add_invoice_item add_invoice_item Write approve_time_off_request approve_time_off_request Write archive_expense_category Archive or restore an expense category without deleting it. Write bulk_update_time_entries bulk_update_time_entries Write change_invoice_status Change only an invoice's workflow status. Write copy_assignment copy_assignment Write create_assignment create_assignment Write create_client Create a new client on a workspace. Write create_expense create_expense Write create_expense_category create_expense_category Write create_holiday create_holiday Write create_invoice create_invoice Write create_project Create a new project on a workspace. Write create_shared_report create_shared_report Write create_tag Create a new tag on a workspace. Write create_task Create a task under a project. Write create_time_entry create_time_entry Write create_time_entry_for_user create_time_entry_for_user Write create_time_off_policy create_time_off_policy Write create_time_off_request create_time_off_request Write create_webhook create_webhook Write create_workspace_custom_field create_workspace_custom_field Write duplicate_invoice duplicate_invoice Write duplicate_time_entry Duplicate one of a user's time entries, creating a copy. Write generate_webhook_token generate_webhook_token Write import_invoice_items import_invoice_items Write publish_assignments publish_assignments Write reject_time_off_request reject_time_off_request Write resubmit_approval_entries resubmit_approval_entries Write set_project_custom_field set_project_custom_field Write submit_approval_request submit_approval_request Write submit_approval_request_for_user submit_approval_request_for_user Write update_approval_request update_approval_request Write update_assignment update_assignment Write update_client update_client Write update_expense update_expense Write update_expense_category Update an expense category's name and unit-pricing settings. Write update_holiday update_holiday Write update_invoice update_invoice Write update_project update_project Write update_shared_report update_shared_report Write update_tag Update a tag's name and/or archived state. Write update_task update_task Write update_time_entry update_time_entry Write update_webhook update_webhook Write update_workspace_custom_field update_workspace_custom_field
READ 48 tools
Read download_expense_receipt download_expense_receipt Read export_report export_report Read find_user_team_manager find_user_team_manager Read generate_attendance_report generate_attendance_report Read generate_detailed_report generate_detailed_report Read generate_expense_report generate_expense_report Read generate_summary_report generate_summary_report Read generate_weekly_report generate_weekly_report Read get_client Get a single client's full detail by its id. Read get_current_user get_current_user Read get_expense Get a single expense's full detail by its id. Read get_invoice get_invoice Read get_invoice_payments get_invoice_payments Read get_project Get a single project's full detail by its id. Read get_project_scheduling_totals get_project_scheduling_totals Read get_shared_report get_shared_report Read get_tag Get a single tag's full detail by its id. Read get_task Get a single task's full detail by its id, within its project. Read get_time_entry Get a single time entry's full detail by its id. Read get_time_off_policy Get a single time-off policy's full detail by its id. Read get_user_member_profile get_user_member_profile Read get_user_scheduling_totals get_user_scheduling_totals Read get_webhook Get a single webhook's full definition by its id. Read get_webhook_logs get_webhook_logs Read get_workspace Get full detail for one workspace by id. Read list_approval_requests list_approval_requests Read list_clients list_clients Read list_expense_categories list_expense_categories Read list_expenses list_expenses Read list_holidays list_holidays Read list_holidays_in_period list_holidays_in_period Read list_invoices list_invoices Read list_project_custom_fields list_project_custom_fields Read list_projects list_projects Read list_scheduled_assignments list_scheduled_assignments Read list_shared_reports list_shared_reports Read list_tags list_tags Read list_tasks list_tasks Read list_time_entries list_time_entries Read list_time_off_balances_by_policy list_time_off_balances_by_policy Read list_time_off_balances_by_user list_time_off_balances_by_user Read list_time_off_policies list_time_off_policies Read list_time_off_requests list_time_off_requests Read list_user_groups list_user_groups Read list_users list_users Read list_webhooks list_webhooks Read list_workspace_custom_fields list_workspace_custom_fields Read list_workspaces list_workspaces

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Clockify Time Tracking

Can an AI agent move money through the Clockify Time Tracking MCP server? +

Yes. The Clockify Time Tracking server exposes 1 financial tools including add_invoice_payment. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. PolicyLayer lets you block financial tools by default, require human approval, or set per-tool rate limits — enforced on every call.

Can an AI agent delete data through the Clockify Time Tracking MCP server? +

Yes. The Clockify Time Tracking server exposes 16 destructive tools including delete_assignment, delete_client, delete_expense. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Clockify Time Tracking? +

The Clockify Time Tracking server has 46 write tools including add_invoice_item, approve_time_off_request, archive_expense_category. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Clockify Time Tracking.

How many tools does the Clockify Time Tracking MCP server expose? +

112 tools across 5 categories: Destructive, Execute, Financial, Read, Write. 48 are read-only. 64 can modify, create, or delete data.

How do I enforce a policy on Clockify Time Tracking? +

Register the Clockify Time Tracking MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Clockify Time Tracking tool call.

Deterministic rules across all 112 Clockify Time Tracking tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

112 Clockify Time Tracking tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.