extract_pdf · Docpull MCP: Risk & Policy

WHAT IT DOES

What extract_pdf does on Docpull

AI agents use extract_pdf to commit financial operations through Docpull — usually the final step of a payment, billing, or trading workflow. A call moves real money.

Parameter	Type	Required	Description
`url`	string	—	Publicly accessible URL of the PDF to extract

Parameters from the server's own tool schema.

THE RISK

Critical Risk

Why extract_pdf needs a policy

Each invocation of this tool triggers a financial transaction — paying $0.001 USDC per page processed via the x402 payment protocol. An AI agent misusing this tool (e.g., repeatedly extracting large PDFs) could accumulate unbounded financial charges. This makes it Financial category, and the severity is high because costs scale with usage and there is no account-based cap mentioned.

From the tool's definition Costs $0.001 USDC per page via x402

Risk signalsAccepts URL/endpoint input (url)

Documented attack patterns abuse exactly the kind of access extract_pdf gives an agent:

POLICY

How to control extract_pdf

PolicyLayer is an MCP gateway — it sits between your AI agents and Docpull, and nothing reaches the server without passing your rules. This is the rule we recommend for extract_pdf:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "extract_pdf": {
      "deny_if": [
        {
          "conditions": [],
          "on_deny": "Requires human approval."
        }
      ]
    }
  }
}

Any call to extract_pdf is blocked until a human approves it. The rest of the server keeps working.

Create a free account and register Docpull — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

GATE THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More Docpull tools

Read health_check Check if the docpull service is running and available. Read probe_pdf Check page count and exact cost for a PDF before extracting. Free, no payment required.

All 3 Docpull tools →

Financial tools on other servers

0xarchive web3_subscribe Math MCP Server financial_calculator MCP Kling generate_video MCP Uber Server uber_request_ride

Go deeper

Critical-risk tools in Docpull → Every critical-risk tool this server exposes, in one view.
All critical-risk MCP tools → Every critical-risk tool across the catalogue, and the policy pattern that contains them.
The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Human-in-the-loop → When a tool call should wait for a person — and when policy can decide alone.
Tool call approval → Approval gates on individual tool calls: auto-allow, prompt, or deny.
How to Add Spending Controls to Any MCP Agent →
Rate Limiting MCP Tool Calls: A Practical Guide →

FAQ

Questions about extract_pdf

What does the extract_pdf tool do? +

Extract a PDF from a URL and return clean structured Markdown. Costs $0.001 USDC per page via x402. It is categorised as a Financial tool in the Docpull MCP Server, which means it involves financial transactions. Block by default and require explicit approval.

What parameters does extract_pdf accept? +

extract_pdf accepts 1 parameter: url. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on extract_pdf? +

Register the Docpull MCP server in PolicyLayer and add a rule for extract_pdf: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Docpull. Nothing to install.

What risk level is extract_pdf? +

extract_pdf is a Financial tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit extract_pdf? +

Yes. Add a rate_limit block to the extract_pdf rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block extract_pdf completely? +

Set action: deny in the PolicyLayer policy for extract_pdf. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides extract_pdf? +

extract_pdf is provided by the Docpull MCP server (jesse-dxju/docpull). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Docpull tool call.

Start from Docpull, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

3 Docpull tools catalogued and risk-classified — across an index of 43,000+ MCP servers.