// MCP TOOL REFERENCE
High Risk →

buy_domain

Start the purchase flow for an available domain via Stripe checkout. IMPORTANT: Before calling this tool, you MUST first call check_domain to get the price, then clearly show the user the price and get their explicit confirmation before proceeding. Never call buy_domain without the user seeing an...

Risk signalsHigh parameter count (11 properties)

Part of the Instadomain server.

buy_domain can trigger actions in Instadomain, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE INSTADOMAIN →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents invoke buy_domain to trigger processes or run actions in Instadomain. Execute operations can have side effects beyond the immediate call -- triggering builds, sending notifications, or starting workflows. Rate limits and argument validation are essential to prevent runaway execution.

buy_domain can trigger processes with real-world consequences. An uncontrolled agent might start dozens of builds, send mass notifications, or kick off expensive compute jobs. PolicyLayer enforces rate limits and validates arguments to keep execution within safe bounds.

RECOMMENDED POLICY

Execute tools trigger processes. Rate-limit and validate arguments to prevent unintended side effects.

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "buy_domain": {
      "limits": [
        {
          "counter": "buy_domain_rate",
          "window": "minute",
          "max": 10,
          "scope": "grant"
        }
      ]
    }
  }
}

See the full Instadomain policy for all 12 tools.

Get this rule live on your own Instadomain server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY INSTADOMAIN →

MORE INSTADOMAIN TOOLS

Financial request_transfer_code Execute buy_domain_crypto Execute buy_domain_mpp Write unlock_domain Read check_domain Read check_domains_bulk Read get_domain_status Read get_transfer_code

View all 12 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access buy_domain gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so buy_domain only ever does what you allow.

SECURE INSTADOMAIN →

OTHER EXECUTE TOOLS

Other execute tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.

Atv build_stake_tx Atv build_unstake_tx Acdp start_local Pentagonal pentagonal_audit Pentagonal pentagonal_compile ACR — Agent Composition Records orient_me

RELATED READING

FAQ

What does the buy_domain tool do? +

Start the purchase flow for an available domain via Stripe checkout. IMPORTANT: Before calling this tool, you MUST first call check_domain to get the price, then clearly show the user the price and get their explicit confirmation before proceeding. Never call buy_domain without the user seeing and approving the price first. The registrant contact details are required because the domain will be registered in the buyer's name (they become the legal owner). WHOIS privacy is enabled by default, so these details are not publicly visible. Creates a Stripe checkout session. IMPORTANT: After this tool returns, you MUST open the checkout_url by running the shell command open "<checkout_url>" (macOS/Linux) so the payment page launches automatically in the user's default browser. Do NOT paste the URL as a link. Tell the user the page has been opened and they can complete payment there. Args: domain: The domain to purchase (e.g. "coolstartup.com"). first_name: Registrant's first name. last_name: Registrant's last name. email: Registrant's email address. address1: Registrant's street address. city: Registrant's city. state: Registrant's state or province. postal_code: Registrant's postal/zip code. country: 2-letter ISO country code (e.g. "US", "GB", "DE"). phone: Phone number in format +1.5551234567. org_name: Organization name (optional, leave empty for individuals). Returns: Dict with order_id, checkout_url, price_cents, and price_display.. It is categorised as a Execute tool in the Instadomain MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on buy_domain? +

Register the Instadomain MCP server in PolicyLayer and add a rule for buy_domain: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Instadomain. Nothing to install.

What risk level is buy_domain? +

buy_domain is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit buy_domain? +

Yes. Add a rate_limit block to the buy_domain rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block buy_domain completely? +

Set action: deny in the PolicyLayer policy for buy_domain. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides buy_domain? +

buy_domain is provided by the Instadomain MCP server (https://instadomain.fly.dev/mcp/). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Instadomain tool call.

Deterministic rules across all 12 Instadomain tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE INSTADOMAIN →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.