// SCAN REPORT

Xdevplatform/xmcp

135 tools. 55 can modify or destroy data without limits.

14 destructive tools with no built-in limits. Policy required.

Last updated: 6 Apr 2026

55 can modify or destroy data

80 read-only

135 tools total

// TOOL MAP

Read (80) Write / Execute (33) Destructive / Financial (14)

// WHAT CAN GO WRONG

Financial operations (chatMediaUploadFinalize, finalizeMediaUpload) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Destructive tools (deleteAccountActivitySubscription, deleteActivitySubscription, deleteAllConnections) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (addChatGroupMembers, addListsMember, addUserPublicKey) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (initializeChatConversationKeys, initializeChatGroup, initializeMediaUpload) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and Xdevplatform/xmcp. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @xdevplatform/xmcp

Scans every tool. Generates a policy. Starts enforcing.

Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client

// RECOMMENDED RULES

Block financial tools by default

chatMediaUploadFinalize:
  rules:
    - action: deny

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations

deleteAccountActivitySubscription:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

addChatGroupMembers:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

chatMediaDownload:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 135 XDEVPLATFORM/XMCP TOOLS

FINANCIAL 2 tools

Financial chatMediaUploadFinalize Financial finalizeMediaUpload

DESTRUCTIVE 12 tools

Destructive deleteAccountActivitySubscription Destructive deleteActivitySubscription Destructive deleteAllConnections Destructive deleteCommunityNotes Destructive deleteConnectionsByEndpoint Destructive deleteConnectionsByUuids Destructive deleteDirectMessagesEvents Destructive deleteLists Destructive deleteMediaSubtitles Destructive deletePosts Destructive deleteUsersBookmark Destructive removeListsMemberByUserId

EXECUTE 3 tools

Execute initializeChatConversationKeys Execute initializeChatGroup Execute initializeMediaUpload

READ 80 tools

Read chatMediaDownload Read dmConversationsMediaDownload Read followList Read getAccountActivitySubscriptionCount Read getAccountActivitySubscriptions Read getActivitySubscriptions Read getChatConversation Read getChatConversations Read getCommunitiesById Read getComplianceJobs Read getComplianceJobsById Read getConnectionHistory Read getDirectMessagesEvents Read getDirectMessagesEventsByConversationId Read getDirectMessagesEventsById Read getDirectMessagesEventsByParticipantId Read getInsights28Hr Read getInsightsHistorical Read getListsById Read getListsFollowers Read getListsMembers Read getListsPosts Read getMediaAnalytics Read getMediaByMediaKey Read getMediaByMediaKeys Read getMediaUploadStatus Read getNews Read getOpenApiSpec Read getPostsAnalytics Read getPostsById Read getPostsByIds Read getPostsCountsAll Read getPostsCountsRecent Read getPostsLikingUsers Read getPostsQuotedPosts Read getPostsRepostedBy Read getPostsReposts Read getSpacesBuyers Read getSpacesByCreatorIds Read getSpacesById Read getSpacesByIds Read getSpacesPosts Read getTrendsByWoeid Read getTrendsPersonalizedTrends Read getUsage Read getUsersAffiliates Read getUsersBlocking Read getUsersBookmarkFolders Read getUsersBookmarks Read getUsersBookmarksByFolderId Read getUsersById Read getUsersByIds Read getUsersByUsername Read getUsersByUsernames Read getUsersFollowedLists Read getUsersFollowers Read getUsersFollowing Read getUsersLikedPosts Read getUsersListMemberships Read getUsersMe Read getUsersMentions Read getUsersMuting Read getUsersOwnedLists Read getUsersPinnedLists Read getUsersPosts Read getUsersPublicKey Read getUsersPublicKeys Read getUsersRepostsOfMe Read getUsersTimeline Read searchCommunities Read searchCommunityNotesWritten Read searchEligiblePosts Read searchNews Read searchPostsAll Read searchPostsRecent Read searchSpaces Read searchUsers Read unfollowList Read unpinList Read validateAccountActivitySubscription

OTHER 8 tools

Other blockUsersDms Other evaluateCommunityNotes Other followUser Other hidePostsReply Other muteUser Other unblockUsersDms Other unfollowUser Other unmuteUser

// FAQ

Can an AI agent move money through the Xdevplatform/xmcp MCP server? +

Yes. The Xdevplatform/xmcp server exposes 2 financial tools including chatMediaUploadFinalize, finalizeMediaUpload. Without a policy, an autonomous agent can call these with no spend caps, no rate limits, and no approval flow. Intercept lets you block financial tools by default or set per-tool rate limits.

Can an AI agent delete data through the Xdevplatform/xmcp MCP server? +

Yes. The Xdevplatform/xmcp server exposes 12 destructive tools including deleteAccountActivitySubscription, deleteActivitySubscription, deleteAllConnections. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Xdevplatform/xmcp? +

The Xdevplatform/xmcp server has 30 write tools including addChatGroupMembers, addListsMember, addUserPublicKey. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Xdevplatform/xmcp MCP server expose? +

135 tools across 6 categories: Destructive, Execute, Financial, Other, Read, Write. 80 are read-only. 55 can modify, create, or delete data.

How do I add Intercept to my Xdevplatform/xmcp setup? +

One line change. Instead of running the Xdevplatform/xmcp server directly, prefix it with Intercept: intercept -c xdevplatform-xmcp.yaml -- npx -y @xdevplatform/xmcp. Download a pre-built policy from policylayer.com/policies/xdevplatform-xmcp and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init

Scans your MCP config. Opens a web UI. Protected tool calls in 30 seconds.

Xdevplatform/xmcp

One command. Full control.

Other MCP servers with similar tools.

Control every MCP tool call your agent makes.

Control every MCP tool call
your agent makes.