prepare_safe_tx_propose

Propose a new Safe (Gnosis Safe) multisig transaction. Wraps an inner action — either a previous prepare_*'s handle (recommended; pulls to/value/data from server-side state) OR raw to / value / data — into a SafeTx, computes its EIP-712 hash, and returns an UnsignedTx that calls Safe.approveHash(...

Server VaultPilot MCP vaultpilot-mcp
Category Read
Risk class Low
Parameters 53 required

What prepare_safe_tx_propose does on VaultPilot MCP

AI agents call prepare_safe_tx_propose to retrieve information from VaultPilot MCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

ParameterTypeRequiredDescription
chain string
inner object Yes
signer string Yes
safeAddress string Yes
nonceOverride string

Parameters from the server's own tool schema.

Why prepare_safe_tx_propose needs a policy

Even though prepare_safe_tx_propose only reads data, uncontrolled read access leaks sensitive information and racks up API costs — an agent caught in a retry loop can make thousands of calls a minute without anyone noticing.

Questions about prepare_safe_tx_propose

What does the prepare_safe_tx_propose tool do? +

Propose a new Safe (Gnosis Safe) multisig transaction. Wraps an inner action — either a previous prepare_*'s handle (recommended; pulls to/value/data from server-side state) OR raw to / value / data — into a SafeTx, computes its EIP-712 hash, and returns an UnsignedTx that calls Safe.approveHash(safeTxHash). The proposer broadcasts that approveHash via send_transaction; once mined, call submit_safe_tx_signature to post the proposal to Safe Transaction Service. Uses the on-chain approveHash flow (NOT off-chain eth_signTypedData_v4) — preserves the WalletConnect anti-Permit2-phishing scope. Default operation is CALL (0); DELEGATECALL (1) is high-risk and is flagged in the receipt. It is categorised as a Read tool in the VaultPilot MCP MCP Server, which means it retrieves data without modifying state.

What parameters does prepare_safe_tx_propose accept? +

prepare_safe_tx_propose accepts 5 parameters: chain, inner, signer, safeAddress, nonceOverride. Required: inner, signer, safeAddress. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on prepare_safe_tx_propose? +

Register the VaultPilot MCP server in PolicyLayer and add a rule for prepare_safe_tx_propose: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches VaultPilot MCP. Nothing to install.

What risk level is prepare_safe_tx_propose? +

prepare_safe_tx_propose is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit prepare_safe_tx_propose? +

Yes. Add a rate_limit block to the prepare_safe_tx_propose rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block prepare_safe_tx_propose completely? +

Set action: deny in the PolicyLayer policy for prepare_safe_tx_propose. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides prepare_safe_tx_propose? +

prepare_safe_tx_propose is provided by the VaultPilot MCP server (vaultpilot-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.