67 tools from the Clevername MCP Server, categorised by risk level.
View the Clevername policy →agent__list_departments List departments in the caller's org. Use before agent__setup to get valid department names. agent__list_dependencies List active MCP server and skill dependency bindings for an owned Guard API agent. agent__list_members List agents and humans in the caller's org. Use before agent__setup to find valid reports_to names. aithroyz_get_tenant Get full details for an Aithroyz tenant environment including plan and latest provisioning request. aithroyz_list_tenants List all Aithroyz cybersecurity tenant environments with their provisioning status. ask_best Ask the best LLM for this task — Clevername auto-selects the provider. Claude for reasoning/code/writing, GPT for structured output/data, Gemini fo... ask_claude Ask Anthropic Claude a question. Returns the response as plain text. Best for: reasoning, code review, writing, analysis, nuanced judgment. Uses yo... ask_consensus Ask multiple LLM providers the same question in parallel and get all their answers. Useful for high-stakes decisions where you want multiple perspe... ask_gemini Ask Google Gemini a question. Returns the response as plain text. Best for: long document summarization (2M context), multimodal tasks, Google ecos... ask_gpt Ask OpenAI GPT a question. Returns the response as plain text. Best for: data analysis, function calling, vision tasks, structured output. Uses you... ask_llm Ask any supported LLM provider a question. Specify the provider explicitly. Supported: 'anthropic' (Claude), 'openai' (GPT), 'gemini' (Google Gemin... deactivate_mcp Deactivate a plugin MCP server for this session. Removes its tools from the available tool list. get_audit_logs Retrieve audit log entries — every API call made through Hub Core, with endpoint, status, route plan, and error details. 2/5 get_errors Get recent errors across all services. Quick way to see what is broken. Returns ERROR and above severity logs. get_identity Get the current authenticated user identity from Hub Core. Returns user_id, identity_source, and any JWT claims. get_project Get a specific project by ID. get_telemetry_costs Get detailed cost breakdown by model/provider for the current user. get_telemetry_summary Get a usage summary — total requests, token counts, cost by provider/model, and error rates — for the current user over a time range. guard_get_profile Get the full compiled guardrail profile for an agent.
For basic verification, check confirmed_settings + defaults_applied in the onboard response.
... 2/5 guard_list_agents List all Guard-registered agents for the current user.
Each object contains:
agent_id -- UUID; input for guard_get_profile, guard_update_a... health_check Ping Hub Core to verify it is reachable and returning 200 OK. list_active_mcps List MCP servers currently active in this session, along with their tool names. list_available_mcps Call this FIRST when you need a capability not in your current tool list. Returns every service accessible through this Clevername gateway — user-r... 2/5 list_log_services List all services that have logged in the last 24 hours. Useful to see which services are active and what names to filter by. list_mcp_connections List all MCP server connections registered by the current user in Hub Core. These are user-registered servers (not from the marketplace). list_mcp_credentials List all MCP marketplace server credentials (key vault). Returns hints only — never plaintext keys. list_mcp_tools Get all tools currently injected into chat from the user's active MCP connections. Returns the prefixed tool names and their schemas. list_memories List memories stored in Clevername, optionally filtered by project or tag. list_models List all AI models available through Clevername routing layer (Claude, GPT, Gemini, Ollama, etc.). list_projects List all projects belonging to the current user. list_tool_groups List all tool groups with enabled/disabled status, tool counts, and tool names. Call this first to understand what capabilities are currently activ... log_stats Get log volume and error rate statistics. Shows total entries, error count, error rate, and breakdown by service. Use this to check overall system ... ping_mcp_connection Test connectivity to a registered MCP server. Returns latency and tool list if reachable. query_logs Search logs across all Floyd Media GCP projects (hub-core, ANCP, Aithroyz, etc). Filter by project, service, severity, text, or trace ID. Returns m... refresh_tools Force-refresh the cached tool list from the clevername hub. Call this after: enabling/disabling tool groups with set_tool_groups, activating or dea... search_memories Semantic and full-text search across all memories. Prefers vector similarity (pgvector) when available, falls back to keyword search. Use this to f... vault_preview Preview what secrets would be discovered from the org's connected keystore without importing. Returns classified secrets with provider/integration ... vault_sync_status List vault sync jobs and discovered items for an org. Shows what was found, classified, imported, and what needs review. activate_mcp Activate a plugin MCP server for this session. Fetches its tool definitions and adds them to the available tools. Use list_available_mcps to see wh... 2/5 add_mcp_connection Register a new MCP server connection. Hub Core will start injecting its tools into chat completions. 2/5 agent__activate Activate an inactive Guard API agent (sets status to active). Blocked if org requires council approval and agent is not yet approved. 2/5 agent__add_dependency Add an MCP server or skill dependency binding to an owned Guard API agent. 2/5 agent__setup Update profile fields (title, description, model, department, reports_to) for an owned Guard API agent. Call agent__list_departments and agent__lis... 2/5 aithroyz_create_tenant_plan Create a new Aithroyz tenant plan for a cybersecurity environment. 2/5 chat_complete Send a multi-turn chat completion through Clevername's AI routing layer. Accepts full conversation history (OpenAI message format). Automatically s... 2/5 clevername_login Authenticate with Clevername using the OAuth Device Authorization flow. Opens a browser-based Google sign-in and waits for you to complete it. Once... 2/5 create_memory Store a new memory in Clevername's persistent memory store. Memories are user-scoped and can be tagged and linked to projects. 2/5 create_project Create a new project in Clevername for organizing memories and context. 2/5 export_config Export your MCP server configuration for direct IDE connection without the clevername gateway 2/5 guard_register_agent PRE-PROVISIONING / FLEET SETUP ONLY. Register an agent and get a cnk_* token
WITHOUT starting an active session. Use for CI/CD pipelines or pre-pro... 2/5 route_plan Get a routing recommendation for a task without actually calling any LLM. Returns the recommended model, fallbacks, privacy level, estimated cost, ... 2/5 set_tool_groups Enable or disable tool groups. Persists to your user settings and takes effect immediately. Core groups cannot be disabled. 2/5 update_project Update a project name, description, or attached context JSON. 2/5 upsert_mcp_credential Store or update a BYOK (bring-your-own-key) credential for a marketplace MCP server. The key is encrypted at rest and validated before storing. For... 3/5 agent__remove_dependency Revoke an MCP server or skill dependency binding from an owned Guard API agent. 4/5 aithroyz_destroy_tenant Destroy all cloud resources for an Aithroyz tenant environment. This is irreversible. 4/5 delete_mcp_connection Remove a registered MCP server connection. 4/5 delete_mcp_credential Revoke and delete a stored MCP marketplace credential. 4/5 delete_memory Delete a specific memory by its ID. 4/5 delete_project Delete a project by ID. 4/5 guard_delete_agent Permanently deactivate an agent and revoke all its tokens. Audit history is retained.
In-flight calls are rejected immediately after deletion.
IRR... 4/5 guard_onboard_agent Guard gives every AI agent a compliance boundary: stops budget overruns, blocks unauthorized tools,
redacts PII, and enforces compliance framewor... 5/5 guard_revoke_token Revoke a cnk_* token by token_id. Rotates credentials without deactivating the agent.
After revocation, calls using the old token return 401 immedi... 4/5 sync_from_claude_config Scan your local Claude MCP config files and import registered servers into Clevername. HTTP/SSE servers become proxied MCP connections — once impor... 4/5 aithroyz_provision_tenant Trigger provisioning of an Aithroyz tenant environment. If the operator has SignedApproval linked, a mobile approval gate will fire first. 3/5 call_mcp_tool Directly invoke a tool on one of the user's registered MCP servers by connection_id. Use this for one-off tool calls without activating the full se... 3/5 vault_sync Trigger a vault sync — discovers secrets from the org's connected keystore, classifies them, validates credentials, and auto-creates integration re... 4/5 The Clevername MCP server exposes 67 tools across 4 categories: Read, Write, Destructive, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Clevername server.
Clevername tools are categorised as Read (38), Write (16), Destructive (10), Execute (3). Each category has a recommended default policy.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept