Gojira

170 tools. 77 can modify or destroy data without limits.

19 destructive tools with no built-in limits. Policy required.

Last updated:

77 can modify or destroy data
93 read-only
170 tools total

Community server · catalogue entry verified 03/07/2026

How to control Gojira ↓

What Gojira exposes to your agents

Read (93) Write / Execute (58) Destructive / Financial (19)
Critical Risk

The most dangerous Gojira tools

77 of Gojira's 170 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Gojira

PolicyLayer is an MCP gateway — it sits between your AI agents and Gojira, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "assets.deleteObject": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "agile.createSprint": {
    "limits": [
      {
        "counter": "agile.createsprint_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "agile.getBoard": {
    "limits": [
      {
        "counter": "agile.getboard_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Gojira — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON GOJIRA →

Instant setup, no code required.

All 170 Gojira tools

DESTRUCTIVE 19 tools
Destructive assets.deleteObject Delete an Assets object. Irreversible. Destructive assets.removeObjectReference Remove a reference between two Assets objects. Destructive automation.deleteAutomationRule Delete an automation rule. Irreversible. Destructive confluence.deleteConfluenceSpace Delete a Confluence space. Irreversible. Destructive customfields.deleteCustomField Delete a custom field. Irreversible. Re-invoke with Destructive dashboards.deleteDashboard Delete a dashboard. Irreversible. Destructive filters.deleteFilter Delete a filter. Irreversible. Destructive gojira.revertOperation Reverts a previously-journaled operation (where mechanically possible). Logs the revert itself as a new journa Destructive jsm.deleteQueue Delete a queue. Irreversible. Destructive jsm.deleteRequestType Delete a request type. Irreversible. Destructive orgAdmin.deleteGroup Delete an org-level group. Destructive orgAdmin.removeApp Remove a Marketplace app from the org. Destructive orgAdmin.removeUserFromGroup Remove a user from a group. Destructive projects.archiveJiraProject Archive a Jira project. Requires Destructive projects.deleteJiraProject Permanently delete a Jira project. Irreversible. Re-invoke with Destructive schemes.deleteNotificationScheme Delete a notification scheme. Irreversible. Destructive schemes.deletePermissionScheme Delete a permission scheme. Irreversible. Destructive workflows.deleteWorkflow Delete a workflow. Irreversible. Destructive workflows.removeWorkflowTransition Remove a transition from a workflow
WRITE 57 tools
Write agile.createSprint Create a sprint on a Scrum board. Write agile.updateSprint Update a sprint Write assets.addObjectReference Add a reference between two Assets objects. Write assets.createObject Create an Assets object. Write assets.createObjectSchema Create a new object schema. Destructive — requires Write assets.createObjectType Create an object type inside a schema. Destructive — requires Write assets.createObjectTypeAttribute Add an attribute to an object type. Write assets.importAssetsFromCsv Kick off an Assets CSV import. Expects an import-config id and either a CSV URL or inline CSV. Write assets.updateObject Update an Assets object Write assets.updateObjectSchema Update an object schema Write assets.updateObjectType Update an object type. Write assets.updateObjectTypeAttribute Update an attribute on an object type. Write automation.createAutomationRule Create a new automation rule. Provide the rule body as Atlassian Write automation.disableAutomationRule Disable a rule. Revertible (enable). Write automation.updateAutomationRule Replace a rule body in place. Captures full-before/full-after diff. Write confluence.createConfluenceSpace Create a Confluence space. Write confluence.setContentRestrictions Replace restrictions on a piece of content. Write confluence.updateConfluenceSpace Update a Confluence space (name, description, homepage). Write customfields.assignCustomFieldToProjects Assign a custom field context to projects. Destructive — requires Write customfields.createCustomField Create a new custom field. Revertible (the created field is deletable). Write customfields.setCustomFieldOptions Replace the option set on a custom field context (for select/multi-select fields). Write customfields.updateCustomField Update a custom field Write dashboards.createDashboard Create a dashboard. Write dashboards.updateDashboard Update a dashboard. Write filters.createFilter Create a filter. Write filters.updateFilter Update a filter. Write gojira.bindApiToken Bind a per-user Atlassian API token for tools that don Write jsm.addCustomersToOrganization Add customers (by accountId or email) to an organization. Write jsm.assignRequestTypeToGroup Assign an existing request type to a group inside the same service desk. Write jsm.createForm Create a request form. Write jsm.createQueue Create a queue. Revertible (delete). Write jsm.createRequestType Create a request type. Destructive — requires Write jsm.createSla Create an SLA configuration. Destructive — requires Write jsm.linkKbToServiceDesk Link a Confluence space (by spaceKey) as the KB for a service desk. Write jsm.setRequestTypeFields Replace the field set on a request type. Write jsm.updateForm Replace a form Write jsm.updatePortalCustomization Update a portal Write jsm.updateQueue Update a queue Write jsm.updateRequestType Update a request type Write jsm.updateSla Update an SLA. Write orgAdmin.addUserToGroup Add a user to a group. Write orgAdmin.createGroup Create an org-level group. Write orgAdmin.provisionUser Provision a new user. Requires Write orgAdmin.restoreUser Restore a previously deactivated managed account. Write orgAdmin.setOrgPolicy Set or replace an org policy. Write orgAdmin.setRovoMcpAllowedDomains Replace the Rovo MCP allowed domain list. Write orgAdmin.setRovoMcpApiTokenAuth Enable or disable API token auth on the org Write orgAdmin.verifyDomain Claim a domain for org-wide management. Write projects.createJiraProject Create a Jira project. Destructive — call without Write schemes.assignPermissionSchemeToProject Assign a permission scheme to a project. Revertible (restore prior assignment). Write schemes.createNotificationScheme Create a notification scheme. Write schemes.createPermissionScheme Create a permission scheme. Write schemes.updateNotificationScheme Update a notification scheme. Write schemes.updatePermissionScheme Update a permission scheme (PUT-replace semantics). Write workflows.addWorkflowTransition Add a transition to a workflow Write workflows.createWorkflow Create a workflow definition. Write workflows.updateWorkflow Update a workflow in-place. Captures full-before/full-after diff because workflow JSON does not patch cleanly.
READ 93 tools
Read agile.getBoard Get a board by id. Read agile.getEpic Get an epic by id or key. Read agile.getSprint Get a sprint by id. Read agile.listBoards List agile boards (Scrum and Kanban). Read agile.listEpics List epics on a board. Read agile.listSprints List sprints for a board. Read assets.aqlSearch AQL (Assets Query Language) search. Read assets.exportAssetSchema Export a schema Read assets.getObject Get an Assets object by id. Read assets.getObjectAttachments List attachments on an Assets object. Read assets.getObjectHistory Get the change history for an Assets object. Read assets.getObjectReferences List references for an Assets object. Read assets.getObjectSchema Get a single object schema by id. Read assets.getObjectType Get an object type by id. Read assets.getObjectTypeAttributes List attributes of an object type. Read assets.listObjectSchemas List Assets object schemas in this workspace. Read assets.listObjectTypes List object types within a schema. Read automation.enableAutomationRule Enable a rule. Revertible (disable). Read automation.getAutomationRule Retrieve a single automation rule by id. Read automation.getAutomationRuleAuditLog Returns recent audit-log entries for a single automation rule. Read automation.getAutomationUsage Returns automation usage statistics for this site (executions, queue depth). Read automation.listAutomationRules List Jira automation rules. Either project-scoped (projectKey) or global. Read confluence.getConfluenceSpace Get a single Confluence space. Read confluence.getContentRestrictions Get the read/update restrictions on a piece of content. Read confluence.listBlueprints List Confluence blueprints (built-in page templates). Read confluence.listConfluenceSpaces List Confluence spaces. Read confluence.listSpacePermissions List permissions on a Confluence space. Read confluence.listTemplates List Confluence templates available globally or in a specific space. Read customfields.getCustomField Get a custom field Read customfields.listCustomFieldContexts List the contexts (project scopes) for a custom field. Read customfields.listCustomFields List Jira custom fields (paginated). Filter by query string or field type. Read dashboards.getDashboard Get a dashboard by id. Read dashboards.listDashboards List dashboards. Read filters.getFilter Get a filter by id. Read filters.listFilters List Jira filters (paginated). Read gojira.getOperation Retrieve a single journal entry by opId, including before/after snapshots. Read gojira.health Returns server liveness, Redis ping, and OAuth issuer URL. Read gojira.listEnabledTools Lists the tools available to this caller, given the deployment Read gojira.listRecentOperations List the caller Read gojira.whoami Returns the caller Read jsm.getForm Get a single form by id. Read jsm.getPortalCustomization Retrieve a portal Read jsm.getQueue Get a single queue by id. Read jsm.getQueueIssues Get the issues currently visible in a queue. Read jsm.getRequestType Get a request type by id. Read jsm.getRequestTypeFields Get the field set associated with a request type. Read jsm.getRequestTypeGroups List request-type groups inside a service desk. Read jsm.getServiceDesk Get a single service desk by id. Read jsm.getServiceDeskKnowledgeBase Returns the linked Confluence KB for a service desk. Read jsm.getSla Get an SLA by id. Read jsm.getSlaMetrics Get SLA breach metrics for a project (filtered by time range and metric ids). Read jsm.listForms List request forms attached to a service desk. Read jsm.listJsmOrganizations List organizations available in a service desk (or globally if serviceDeskId omitted). Read jsm.listPortals List customer portals exposed by this site. Read jsm.listQueues List queues for a service desk. Read jsm.listRequestTypes List request types in a service desk. Read jsm.listServiceDesks List all JSM service desks visible to the API-token caller. Read jsm.listSlas List SLA configurations for a project. Read orgAdmin.deactivateUser Deactivate a managed account. Reversible via restoreUser. Read orgAdmin.getApp Get an installed Marketplace app Read orgAdmin.getGroup Get a group by id. Read orgAdmin.getOrgPolicies List org policies (data residency, IP allowlists, etc.). Read orgAdmin.getOrgUser Get a managed account Read orgAdmin.getRovoMcpSettings Read the org-level settings governing the Atlassian Rovo MCP endpoint. Read orgAdmin.getUserGroups List groups for a managed account. Read orgAdmin.listGroups List org-level groups. Read orgAdmin.listInstalledApps List Marketplace apps installed across the org Read orgAdmin.listManagedAccounts List all managed accounts in the org (paged). Read orgAdmin.listOrgUsers Paginated list of managed accounts in the org. Read orgAdmin.listVerifiedDomains List verified domains owned by the org. Read orgAdmin.queryAuditLog Query org audit log with optional filters. Read projects.getJiraProject Retrieve a single Jira project by key or numeric id. Read projects.getJiraProjectDetails Retrieve a Jira project plus its components, roles, and notification scheme assignments. Read projects.listJiraProjects List Jira projects (admin view). Returns paged results with project metadata. Read schemes.getFieldConfiguration Get a field configuration by id. Read schemes.getIssueTypeScheme Get an issue-type scheme. Read schemes.getNotificationScheme Get a notification scheme. Read schemes.getPermissionScheme Get a single permission scheme (with full grant list when expand= Read schemes.getScreen Get a screen by id. Read schemes.getWorkflowScheme Get a workflow scheme. Read schemes.listFieldConfigurations List field configurations. Read schemes.listIssueTypeSchemes List issue-type schemes. Read schemes.listNotificationSchemes List notification schemes. Read schemes.listPermissionSchemes List Jira permission schemes. Read schemes.listScreens List screens. Read schemes.listScreenSchemes List screen schemes. Read schemes.listWorkflowSchemes List workflow schemes. Read workflows.getWorkflow Get a single workflow by id or name. Read workflows.getWorkflowConditions Get the conditions for a workflow transition. Read workflows.getWorkflowPostFunctions Get the post-functions for a workflow transition. Read workflows.getWorkflowTransitions List transitions in a workflow. Read workflows.getWorkflowValidators Get the validators for a workflow transition. Read workflows.listWorkflows List workflows.

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Gojira

Can an AI agent delete data through the Gojira MCP server? +

Yes. The Gojira server exposes 19 destructive tools including assets.deleteObject, assets.removeObjectReference, automation.deleteAutomationRule. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Gojira? +

The Gojira server has 57 write tools including agile.createSprint, agile.updateSprint, assets.addObjectReference. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Gojira.

How many tools does the Gojira MCP server expose? +

170 tools across 3 categories: Destructive, Read, Write. 93 are read-only. 77 can modify, create, or delete data.

How do I enforce a policy on Gojira? +

Register the Gojira MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Gojira tool call.

Deterministic rules across all 170 Gojira tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

170 Gojira tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.