// MCP TOOL REFERENCE
Medium Risk

intel_inject

Fetches a domain's homepage and checks for content patterns that could constitute prompt injection attacks against AI agents that visit and ingest the page. Signals include hidden text, invisible divs, <!-- AI: ignore --> style comments, and known injection patterns. Use this tool when: - You are...

Part of the TunnelMind Data API server.

intel_inject can modify TunnelMind Data API data, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE TUNNELMIND DATA API →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents use intel_inject to create or modify resources in TunnelMind Data API. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.

Without a policy, an AI agent could call intel_inject repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach TunnelMind Data API.

RECOMMENDED POLICY

Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "intel_inject": {
      "limits": [
        {
          "counter": "intel_inject_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

See the full TunnelMind Data API policy for all 54 tools.

Get this rule live on your own TunnelMind Data API server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY TUNNELMIND DATA API →

MORE TUNNELMIND DATA API TOOLS

Destructive cancel_task Destructive revoke_api_key Write audit_export Write generate_receipt Write intel_agent Write intel_http Write sigil_ads_txt_history Write sigil_atap_register_ait

View all 54 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access intel_inject gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so intel_inject only ever does what you allow.

SECURE TUNNELMIND DATA API →

OTHER WRITE TOOLS

Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.

Firecrawl Web Scraping Server firecrawl_generate_llmstxt AbraFlexi contact_create AbraFlexi contact_update AbraFlexi evidence_create AbraFlexi evidence_update AbraFlexi invoice_issued_update

RELATED READING

FAQ

What does the intel_inject tool do? +

Fetches a domain's homepage and checks for content patterns that could constitute prompt injection attacks against AI agents that visit and ingest the page. Signals include hidden text, invisible divs, <!-- AI: ignore --> style comments, and known injection patterns. Use this tool when: - You are vetting a domain before feeding its content into an LLM context. - You want to assess the prompt injection risk of a URL before browsing it with an agent. - You are auditing a set of domains for adversarial AI content. Do NOT use this tool when: - You want tracker surveillance data — use get_domain instead. - You want AI training opt-out signals — use intel_optout instead. - You want the agent surface (MCP/OpenAPI) — use intel_agent instead. Inputs: - domain (query, required): Domain to scan. Returns: - injection_signals: list of signal types detected (e.g., hidden_text, ai_instruction_comment, invisible_div). - risk_level: none, low, medium, or high based on signal count and type. Cost: - Free. No API key required. Latency: - Typical: 2-4s (HTML fetch), p99: 7s.. It is categorised as a Write tool in the TunnelMind Data API MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on intel_inject? +

Register the TunnelMind Data API MCP server in PolicyLayer and add a rule for intel_inject: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches TunnelMind Data API. Nothing to install.

What risk level is intel_inject? +

intel_inject is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit intel_inject? +

Yes. Add a rate_limit block to the intel_inject rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block intel_inject completely? +

Set action: deny in the PolicyLayer policy for intel_inject. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides intel_inject? +

intel_inject is provided by the TunnelMind Data API MCP server (https://mcp-data.tunnelmind.ai/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every TunnelMind Data API tool call.

Deterministic rules across all 54 TunnelMind Data API tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE TUNNELMIND DATA API →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.