// SCAN DATE: 23 MARCH 2026

MCP Scan Report

// SCAN RESULTS
9 servers detected
165 tools exposed
46 can modify or destroy data
// VERDICT

Your agent has unrestricted access to Stripe, GitHub, Filesystem and 4 more -- including tools that can delete data and create charges and execute code.

// EVERY TOOL YOUR AGENT CAN CALL
Stripe
GitHub
Redis
Filesystem
Slack
Puppeteer
Cloudflare
PostgreSQL
Read (119) Write / Execute (31) Destructive / Financial (15)
// PERMISSION MATRIX
Server ReadWriteExecuteDestructiveFinancial
Stripe 115----11
GitHub 5116112
PostgreSQL 1--------
Filesystem 74------
Slack 52------
Redis 21--1--
Puppeteer ----1----
Cloudflare 61------
Total 83292213
// WHAT COULD GO WRONG
Stripe FINANCIAL
cancel_subscription

Cancel subscription

No limits in place.

GitHub FINANCIAL
manage_notification_subscription

Manage notification subscription

No limits in place.

Redis DESTRUCTIVE
delete

Delete one or more keys from Redis

No limits in place.

// SERVER RISK BREAKDOWN
Stripe Critical

Can move money, write data, read data. cancel_subscription

27 tools show all
cancel_subscription Cancel subscription FINANCIAL
create_invoice Create invoice FINANCIAL
create_invoice_item Create invoice item FINANCIAL
create_payment_link Create payment link FINANCIAL
create_refund Create refund FINANCIAL
finalize_invoice Finalise invoice FINANCIAL
list_charges List charges FINANCIAL
list_invoices List invoices FINANCIAL
list_payment_intents List PaymentIntents FINANCIAL
list_subscriptions List subscriptions FINANCIAL
update_subscription Update subscription FINANCIAL
create_coupon Create coupon WRITE
create_customer Create customer WRITE
create_price Create price WRITE
create_product Create product WRITE
update_dispute Update dispute WRITE
fetch_stripe_resources Retrieve Stripe objects READ
get_stripe_account_info Retrieve account information READ
list_coupons List coupons READ
list_customers List customers READ
list_disputes List disputes READ
list_prices List prices READ
list_products List products READ
list_setup_intents List SetupIntents READ
retrieve_balance Retrieve balance READ
search_stripe_documentation Search Stripe knowledge READ
search_stripe_resources Search Stripe resources READ
GitHub Critical

Can move money, delete data, execute code, write data, read data, . manage_notification_subscription

83 tools show all
manage_notification_subscription Manage notification subscription FINANCIAL
manage_repository_notification_subscription Manage repository notification subscription FINANCIAL
delete_file Delete file DESTRUCTIVE
actions_run_trigger Trigger GitHub Actions workflow actions EXECUTE
add_comment_to_pending_review Add review comment to pending pull request review WRITE
add_issue_comment Add comment to issue WRITE
add_reply_to_pull_request_comment Add reply to pull request comment WRITE
create_branch Create branch WRITE
create_gist Create Gist WRITE
create_or_update_file Create or update file WRITE
create_pull_request Open new pull request WRITE
create_pull_request_with_copilot Perform task with GitHub Copilot coding agent WRITE
create_repository Create repository WRITE
issue_write Create or update issue WRITE
label_write Write operations on repository labels WRITE
projects_write Modify GitHub Project items WRITE
push_files Push files to repository WRITE
update_gist Update Gist WRITE
update_pull_request Edit pull request WRITE
update_pull_request_branch Update pull request branch WRITE
actions_get Get details of GitHub Actions resources READ
actions_list List GitHub Actions workflows in a repository READ
get_code_scanning_alert Get code scanning alert READ
get_commit Get commit details READ
get_copilot_space Get Copilot Space READ
get_dependabot_alert Get dependabot alert READ
get_discussion Get discussion READ
get_discussion_comments Get discussion comments READ
get_file_contents Get file or directory contents READ
get_gist Get Gist Content READ
get_global_security_advisory Get a global security advisory READ
get_job_logs Get GitHub Actions workflow job logs READ
get_label Get a specific label from a repository READ
get_latest_release Get latest release READ
get_me Get my user profile READ
get_notification_details Get notification details READ
get_release_by_tag Get a release by tag name READ
get_repository_tree Get repository tree READ
get_secret_scanning_alert Get secret scanning alert READ
get_tag Get tag details READ
get_team_members Get team members READ
get_teams Get teams READ
issue_read Get issue details READ
list_branches List branches READ
list_code_scanning_alerts List code scanning alerts READ
list_commits List commits READ
list_copilot_spaces List Copilot Spaces READ
list_dependabot_alerts List dependabot alerts READ
list_discussion_categories List discussion categories READ
list_discussions List discussions READ
list_gists List Gists READ
list_global_security_advisories List global security advisories READ
list_issue_types List available issue types READ
list_issues List issues READ
list_label List labels from a repository READ
list_notifications List notifications READ
list_org_repository_security_advisories List org repository security advisories READ
list_pull_requests List pull requests READ
list_releases List releases READ
list_repository_security_advisories List repository security advisories READ
list_secret_scanning_alerts List secret scanning alerts READ
list_starred_repositories List starred repositories READ
list_tags List tags READ
projects_get Get details of GitHub Projects resources READ
projects_list List GitHub Projects resources READ
search_code Search code READ
search_issues Search issues READ
search_orgs Search organisations READ
search_pull_requests Search pull requests READ
search_repositories Search repositories READ
search_users Search users READ
assign_copilot_to_issue Assign Copilot to issue OTHER
dismiss_notification Dismiss notification OTHER
fork_repository Fork repository OTHER
github_support_docs_search Search GitHub product and support documentation OTHER
mark_all_notifications_read Mark all notifications as read OTHER
merge_pull_request Merge pull request OTHER
pull_request_read Get details for a single pull request OTHER
pull_request_review_write Write operations on pull request reviews OTHER
request_copilot_review Request Copilot review OTHER
star_repository Star repository OTHER
sub_issue_write Change sub-issue OTHER
unstar_repository Unstar repository OTHER
Redis High

Can delete data, write data, read data. delete

4 tools show all
delete Delete one or more keys from Redis DESTRUCTIVE
set Set a Redis key-value pair with optional expiration WRITE
get Get value by key from Redis READ
list List Redis keys matching a pattern READ
Filesystem Medium

Can write data, read data, . create_directory

12 tools show all
create_directory Create a new directory or ensure it exists WRITE
edit_file Make selective edits using advanced pattern matching WRITE
move_file Move or rename files and directories WRITE
write_file Create a new file or overwrite an existing file WRITE
get_file_info Retrieve detailed metadata about a file or directory READ
list_allowed_directories Returns the list of directories the server can access READ
list_directory Get a detailed listing of files and directories READ
read_media_file Read an image or audio file READ
read_multiple_files Read the contents of multiple files simultaneously READ
read_text_file Read complete contents of a file as text READ
search_files Recursively search for files and directories READ
directory_tree Get a recursive tree view of files and directories OTHER
Slack Medium

Can write data, read data, . slack_add_reaction

8 tools show all
slack_add_reaction Add an emoji reaction to a message WRITE
slack_post_message Post a new message to a Slack channel WRITE
slack_get_channel_history Get recent messages from a channel READ
slack_get_thread_replies Get all replies in a message thread READ
slack_get_user_profile Get detailed profile information for a specific user READ
slack_get_users Get list of workspace users with basic profile information READ
slack_list_channels List public or pre-defined channels in the workspace READ
slack_reply_to_thread Reply to a specific message thread OTHER
Puppeteer Medium

Can execute code, . puppeteer_evaluate

7 tools show all
puppeteer_evaluate Execute JavaScript in the browser console EXECUTE
puppeteer_click Click elements on the page OTHER
puppeteer_fill Fill out input fields OTHER
puppeteer_hover Hover elements on the page OTHER
puppeteer_navigate Navigate to any URL in the browser OTHER
puppeteer_screenshot Capture screenshots of the entire page or specific elements OTHER
puppeteer_select Select an element with SELECT tag OTHER
Cloudflare Medium

Can write data, read data, . set_active_account

23 tools show all
set_active_account Set active account for tool calls WRITE
accounts_list List all accounts in your Cloudflare account READ
query_worker_observability Query the Workers Observability API READ
search_cloudflare_documentation Search the Cloudflare documentation READ
workers_get_worker Get the details of a Cloudflare Worker READ
workers_get_worker_code Get the source code of a Cloudflare Worker READ
workers_list List Cloudflare Workers READ
d1_database_create Create a new D1 database OTHER
d1_database_delete Delete a D1 database OTHER
d1_database_get Get a D1 database OTHER
d1_database_query Query a D1 database OTHER
d1_databases_list List all D1 databases OTHER
kv_namespace_create Create a new KV namespace OTHER
kv_namespace_delete Delete a KV namespace OTHER
kv_namespace_get Get details of a KV namespace OTHER
kv_namespace_update Update the title of a KV namespace OTHER
kv_namespaces_list List KV namespaces OTHER
observability_keys Find keys in the Workers Observability Data OTHER
observability_values Find values in the Workers Observability Data OTHER
r2_bucket_create Create a new R2 bucket OTHER
r2_bucket_delete Delete an R2 bucket OTHER
r2_bucket_get Get details about a specific R2 bucket OTHER
r2_buckets_list List R2 buckets OTHER
PostgreSQL Low

Can read data. query

1 tools show all
query Execute a read-only SQL query against the connected database READ
// UNKNOWN SERVERS

We don't have tool data for these servers yet. Use Intercept to scan them live:

@anthropic/mcp-server-gmail
intercept scan -- npx -y @anthropic/mcp-server-gmail
https://policylayer.com/scan/report/65545482-5d1d-472f-9fca-472ff1181d0d

Bookmark or share this report. The URL won't expire.

// RUN THIS ON EVERY PR
.github/workflows/mcp-scan.yml 
name: MCP Scan
on: [pull_request]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: PolicyLayer/scan-action@v1
        with:
          fail-on: high
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Posts a scan report on every pull request. GitHub Action docs

Enforce limits on every tool call

Intercept sits between your agent and these servers. Block destructive tools, rate limit writes, allow reads.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.