1ly: 11 unrestricted tools

The 1ly MCP server exposes tools that can move money, delete data, or destroy resources. Without policy enforcement, an autonomous agent has unrestricted access to every one of them.

Tool breakdown: 1 moves money, 2 delete data, 1 executes code, 7 modify data.
By category: Write / Execute (8), Destructive / Financial (3).

Financial operations (1ly_withdraw) can move real money. An agent caught in a loop could drain accounts before anyone notices.

Destructive tools (1ly_delete_link, 1ly_revoke_key) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (1ly_create_key, 1ly_create_link, 1ly_create_store) modify state. Without rate limits, an agent can make hundreds of changes in seconds -- faster than any human can review or revert.

Execute tools (1ly_launch_token) trigger processes with side effects. Builds, notifications, workflows -- all fired without throttling.

These 1ly tools can modify, create, or destroy resources. Without a policy, your agent has unrestricted access to all of them.

| Tool | Description | Category |
| --- | --- | --- |
| 1ly_create_key | Create a new API key for the authenticated agent store (requires ONELY_API_KEY). | Write |
| 1ly_create_link | Create a new API link (paid or free) using your 1ly developer API key. | Write |
| 1ly_create_store | Create a new store for your agent on 1ly using wallet signature. Returns store + API key. | Write |
| 1ly_update_avatar | Update your store avatar image (requires ONELY_API_KEY). | Write |
| 1ly_update_link | Update an API link by id (requires ONELY_API_KEY). | Write |
| 1ly_update_profile | Update basic store profile details (requires ONELY_API_KEY). | Write |
| 1ly_update_socials | Update socials for your store (requires ONELY_API_KEY). | Write |
| 1ly_withdraw | Request a withdrawal of your available balance to a Solana wallet (requires ONELY_API_KEY). | Financial |
| 1ly_delete_link | Delete an API link by id (requires ONELY_API_KEY). | Destructive |
| 1ly_revoke_key | Revoke an API key for the authenticated agent store (requires ONELY_API_KEY). | Destructive |
| 1ly_launch_token | Launch a token on Bags.fm (v2 flow). Handles metadata, fee config, launch tx, signing, and submission. | Execute |

These rules are based on the tool categories exposed by the 1ly MCP server. Adjust the limits to match your use case.

Block financial tools by default
1ly_withdraw:
    rules:
      - action: deny
        on_deny: "Financial operations require approval"

Financial tools should be explicitly enabled per use case, not open by default.

Deny destructive operations
1ly_delete_link:
    rules:
      - action: deny
        on_deny: "Destructive operations blocked by policy"

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
1ly_create_key:
    rules:
      - name: "write-rate-limit"
        rate_limit: 30/hour
        on_deny: "Write rate limit reached"

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
1ly_call:
    rules:
      - action: allow
        rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

This is the complete policy file for 1ly. It lists every tool with suggested default rules. Download it, adjust the limits, and run with Intercept.

io-github-1lystore-mcp-server.yaml
version: "1"
default: "deny"

tools:
  1ly_delete_link:
    rules:
      - action: deny
        on_deny: "Destructive operation blocked by policy"
  1ly_revoke_key:
    rules:
      - action: deny
        on_deny: "Destructive operation blocked by policy"
  1ly_launch_token:
    rules:
      - action: allow
        rate_limit: 10/hour
        validate:
          required_args: true
  1ly_withdraw:
    rules:
      - action: deny
        on_deny: "Financial operation requires approval"
  1ly_call:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_claim_fees:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_get_details:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_get_stats:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_list_keys:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_list_links:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_list_tokens:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_list_withdrawals:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_review:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_search:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_trade_quote:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_trade_token:
    rules:
      - action: allow
        rate_limit: 60/minute
  1ly_create_key:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_create_link:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_create_store:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_update_avatar:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_update_link:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_update_profile:
    rules:
      - action: allow
        rate_limit: 30/hour
  1ly_update_socials:
    rules:
      - action: allow
        rate_limit: 30/hour
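
After adjusting the limits, check that the edited file still denies the three financial and destructive tools and keeps write tools at or under 30/hour. The script below is an added example, not part of Intercept or of the original page. It reads only the flat policy shape shown above with a minimal line reader (not a YAML parser); the function names, the sample policy, and the treatment of a rule with no `action` as an allow are assumptions.

```python
import re
# Categories as listed in the page's tool table.
MUST_DENY = {"1ly_withdraw", "1ly_delete_link", "1ly_revoke_key"}
WRITE = {"1ly_create_key", "1ly_create_link", "1ly_create_store", "1ly_update_avatar",
         "1ly_update_link", "1ly_update_profile", "1ly_update_socials"}
PER_HOUR = {"minute": 60, "hour": 1}  # only the units the page uses

def parse_policy(text):
    """Read the flat policy shape shown on the page (not a general YAML parser)."""
    default, tools, current = None, {}, None
    for line in text.splitlines():
        if m := re.match(r'default:\s*"?(\w+)', line):
            default = m.group(1)
        elif m := re.match(r"  (\w+):\s*$", line):  # tool names sit at two-space indent
            current = tools.setdefault(m.group(1), {})
        elif (m := re.match(r"\s+(?:- )?(action|rate_limit):\s*(\S+)", line)) and current is not None:
            current[m.group(1)] = m.group(2)
    return default, tools

def audit(text, write_cap_per_hour=30):
    default, tools = parse_policy(text)
    findings = [] if default == "deny" else ["default is not deny"]
    for name in sorted(MUST_DENY | WRITE):
        rule = tools.get(name)
        # Assumption: a rule with no explicit action (rate_limit only) allows the call.
        action = default if rule is None else rule.get("action", "allow")
        if action == "deny":
            continue
        count, _, unit = (rule or {}).get("rate_limit", "").partition("/")
        if name in MUST_DENY:
            findings.append(f"{name}: financial/destructive tool is not denied")
        elif not count.isdigit() or unit not in PER_HOUR:
            findings.append(f"{name}: write tool has no usable rate_limit")
        elif int(count) * PER_HOUR[unit] > write_cap_per_hour:
            findings.append(f"{name}: {count}/{unit} exceeds {write_cap_per_hour}/hour")
    return findings

# Constructed sample: a policy after two careless edits (not the project's file).
EDITED = '''default: "deny"
tools:
  1ly_withdraw:
    rules:
      - action: allow
  1ly_create_key:
    rules:
      - name: "write-rate-limit"
        rate_limit: 60/minute
'''
print("\n".join(audit(EDITED)))
```

Running it in CI on every change to the policy file turns a loosened rule into a failed check instead of a surprise at runtime.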

Two commands. Under two minutes.

01

Download the policy

curl -o io-github-1lystore-mcp-server.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/io-github-1lystore-mcp-server.yaml
02

Run Intercept in front of the server

intercept -c io-github-1lystore-mcp-server.yaml -- npx -y @1ly/mcp-server

Works with any MCP client.

Every tool call is now checked against your policy before it reaches 1ly. Denied calls are blocked and logged. Allowed calls pass through with no latency impact.

Enforce policies on 1ly

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →