Manage frontend deployments, environment variables, and custom domains for a Butterbase app. Actions: - "start_deployment": Start a frontend deployment after uploading your zip file. Call after uploading zip to the URL returned by create_frontend_deployment. Polls until complete (up to 5 minutes)...
Risk signals: Accepts URL/endpoint input (hostname) · High parameter count (12 properties)
Part of the Mcp server.
Free to start. No card required.
AI agents use manage_frontend to create or modify resources in Mcp. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call manage_frontend repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Mcp.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
    {
      "version": "1",
      "default": "deny",
      "tools": {
        "manage_frontend": {
          "limits": [
            {
              "counter": "manage_frontend_rate",
              "window": "minute",
              "max": 30,
              "scope": "grant"
            }
          ]
        }
      }
    }

See the full Mcp policy for all 47 tools.
Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Manage frontend deployments, environment variables, and custom domains for a Butterbase app.

Actions:
- "start_deployment": Start a frontend deployment after uploading your zip file. Call after uploading zip to the URL returned by create_frontend_deployment. Polls until complete (up to 5 minutes).
- "list_deployments": List frontend deployment history for an app (read-only).
- "create_from_source": Create a source-based deployment and get a presigned upload URL (Mode 1). Upload your source zip to the URL via HTTP PUT with Content-Type: application/zip (max 50 MB).
- "start_from_source": Start the build for a source-based deployment (Mode 2). Requires deployment_id from create_from_source and a lockfile_hash.
- "set_env": Set environment variables for frontend builds (upserts).
- "configure_custom_domain": Manage custom domains. Requires domain_action sub-option.

Parameters by action:
- start_deployment: { app_id, action: "start_deployment", deployment_id }
- list_deployments: { app_id, action: "list_deployments" }
- create_from_source: { app_id, action: "create_from_source" }
- start_from_source: { app_id, action: "start_from_source", deployment_id, lockfile_hash, build_command?, output_dir?, package_manager?, user_env? }
- set_env: { app_id, action: "set_env", vars }
- configure_custom_domain: { app_id, action: "configure_custom_domain", domain_action, hostname?, domain_id? }

domain_action sub-options:
- "add": { hostname } — Register a new custom domain
- "list": {} — List all custom domains for an app
- "status": { domain_id } — Check verification/SSL status of a domain
- "remove": { domain_id } — Remove a custom domain
- "verify": { domain_id } — Trigger re-verification of a pending domain

Common errors:
- RESOURCE_NOT_FOUND: App or deployment doesn't exist
- INVALID_STATUS: Deployment is not in WAITING status (zip may not have been uploaded yet)
- UPLOAD_EXPIRED: The upload URL expired before the zip was uploaded
- STATE_PREREQUISITE_MISSING: Source zip not yet uploaded (PUT to upload_url first)
- QUOTA_FILE_SIZE_EXCEEDED: Source zip exceeds 50 MB
- BUILD_FAILED: Build command exited with non-zero status (check logs_url for details)
- VALIDATION_INVALID_SCHEMA: vars must be a non-empty object
- feature_not_available: Free plan — upgrade to Pro (custom domains)
- RESOURCE_ALREADY_EXISTS: Hostname already registered.

It is categorised as a Write tool in the Mcp MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
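An added example, not PolicyLayer's or Butterbase's code: one way a proxy could apply the two controls this page describes to manage_frontend calls, checking arguments against the per-action parameter list above and then counting calls per grant at 30 per minute. The function names, the fixed-window counting and the hostname pattern are assumptions.

```python
import re
# Per-action (required, optional) arguments, from the tool description on this page.
SCHEMA = {
    "start_deployment": ({"deployment_id"}, set()),
    "list_deployments": (set(), set()),
    "create_from_source": (set(), set()),
    "start_from_source": ({"deployment_id", "lockfile_hash"},
                          {"build_command", "output_dir", "package_manager", "user_env"}),
    "set_env": ({"vars"}, set()),
    "configure_custom_domain": ({"domain_action"}, {"hostname", "domain_id"}),
}
# domain_action sub-option -> the argument it requires (None: no argument).
DOMAIN_ACTIONS = {"add": "hostname", "list": None, "status": "domain_id",
                  "remove": "domain_id", "verify": "domain_id"}
# Assumption: a conservative lowercase DNS-name pattern; the page defines none.
HOSTNAME = re.compile(r"(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")

def validate_args(args):
    """Return None when args fit the schema, otherwise a short reason."""
    action = args.get("action")
    if not isinstance(action, str) or action not in SCHEMA:
        return "unknown action"
    required, optional = SCHEMA[action]
    missing = sorted((required | {"app_id", "action"}) - set(args))
    extra = sorted(set(args) - required - optional - {"app_id", "action"})
    if missing or extra:
        return f"missing={missing} unexpected={extra}"
    if action == "set_env" and not (isinstance(args["vars"], dict) and args["vars"]):
        return "vars must be a non-empty object"
    if action == "configure_custom_domain":
        sub = args["domain_action"]
        if not isinstance(sub, str) or sub not in DOMAIN_ACTIONS:
            return "unknown domain_action"
        need = DOMAIN_ACTIONS[sub]
        if need and not isinstance(args.get(need), str):
            return "missing: " + need
        if sub == "add" and not HOSTNAME.fullmatch(args["hostname"]):
            return "invalid hostname"
    return None

def check(seen, grant, args, now, max_calls=30, window=60):
    """Validate, then count calls per grant in fixed windows (assumed semantics)."""
    reason = validate_args(args)
    if reason:
        return ("deny", reason)  # malformed calls never reach the server
    win = int(now // window)
    prev_win, count = seen.get(grant, (win, 0))
    seen[grant] = (win, count + 1 if prev_win == win else 1)
    return ("allow", None) if seen[grant][1] <= max_calls else ("deny", "rate limit exceeded")
```

Rejected calls are not counted against the limit here, so a stream of malformed requests cannot exhaust a grant's budget for valid ones.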
Register the MCP server in PolicyLayer and add a rule for manage_frontend: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp. Nothing to install.
manage_frontend is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the manage_frontend rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for manage_frontend. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
manage_frontend is provided by the MCP server (@butterbase/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 47 Mcp tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.