A professional domain naming consultation workflow. Call when a user is looking for domain name ideas, starting a new project and needs a domain, or has vague/open-ended domain requirements. Do NOT call when the user already has a specific name to check (use available/bulk_available) or already k...
Risk signalsAccepts freeform code/query input (query)
Part of the DomainKits server.
Free to start. No card required.
AI agents may call name_advisor to permanently remove or destroy resources in DomainKits. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.
Without a policy, an AI agent could call name_advisor in a loop, permanently destroying resources in DomainKits. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.
Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.
{
"version": "1",
"default": "deny",
"hide": [
"name_advisor"
]
}See the full DomainKits policy for all 38 tools.
These attack patterns abuse exactly the kind of access name_advisor gives an agent. Each links to the full case and the policy that stops it:
Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.
A professional domain naming consultation workflow. Call when a user is looking for domain name ideas, starting a new project and needs a domain, or has vague/open-ended domain requirements. Do NOT call when the user already has a specific name to check (use available/bulk_available) or already knows their keyword and wants variations (use domain_generator). This is a multi-turn consulting engagement — conversation first, recommendations second. Never skip the diagnosis phase, and never generate domain suggestions before understanding the user's needs. Workflow: 1. Needs Diagnosis — ask the user questions to understand their project. Start with the essentials (project/industry, target audience, domain purpose), then follow up with budget guidance, TLD preference, and style preference (textural/imagery vs keyword-based). Ask 1-2 questions at a time, not all at once. Do NOT generate any domain names or call any tools in this phase. Even if the user's description seems clear, confirm user persona and brand tonality before proceeding. 2. Semantic Leap — based on confirmed requirements, generate 3-5 metaphor directions that abstract one level up from the industry. Do NOT coin words directly from industry keywords unless the user mentioned them. Examples: travel → docking point → berth; notes → ideas → notion. Present the directions to the user and let them choose before generating any candidates. 3. Domain Search & Verification — along the chosen direction, generate at least 10 candidate names. Every candidate must pass a quality check: does it feel natural in conversation? Does it evoke imagery? Stripped of all context, does the word alone have quality? If you hesitate, discard it. Then use bulk_available, deleted, expired, aged, and tld_check to verify acquisition paths and costs. For deleted and expired searches, try each keyword in different positions (start, end) to maximize coverage. Present results layered by acquisition method: directly registrable → listed for sale → contact owner → monitor/backorder, each with estimated cost. 4. Iterative Refinement — based on user feedback, either generate more candidates in the same direction (with independent thinking — do not reuse previous coining patterns as templates), explore a new metaphor direction (return to step 2), or run brand_match on a finalist. If the current best is already strong, say so — do not force-generate low-quality options to show effort. Key principles: - Communication before generation — better to ask one more question than to blindly generate irrelevant domains. - A good name feels natural, evokes imagery, and has quality on its own. A bad name requires excessive explanation, feels forced, or mismatches the use case. - Help users save money while meeting their needs, but also surface purchase and backorder opportunities when relevant. - All statements must be data-backed. Do not speculate. Minimize etymology explanations — a good name does not need explaining. - Disclose affiliate links.. It is categorised as a Destructive tool in the DomainKits MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the DomainKits MCP server in PolicyLayer and add a rule for name_advisor: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches DomainKits. Nothing to install.
name_advisor is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the name_advisor rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for name_advisor. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
name_advisor is provided by the DomainKits MCP server (https://api.domainkits.com/v1/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 38 DomainKits tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.