Validates a Portuguese NIF (Número de Identificação Fiscal) — the 9-digit tax identification number issued by the Portuguese Tax Authority (AT) to individuals and companies. Applies the official modulo-11 checksum algorithm to verify the check digit. Returns { valid: true, nif: string } for valid...
AI agents call validate_nif to retrieve information from Mcp Europe Business without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This is a pure validation/verification function that queries tax ID format compliance using a checksum algorithm. It retrieves no sensitive data beyond boolean validation results, creates no records, executes no code or commands, and has no side effects. The blast radius of misuse is minimal — an agent cannot damage systems, delete data, or incur financial obligations through incorrect validations alone.
From the tool's definition Tool validates and returns validation status only — 'Returns { valid: true, nif: string } for valid NIFs, or { valid: false, reason: string }'. No modification, creation, deletion, or execution of external operations occurs.
Attacks that exploit this kind of access
Validates a Portuguese NIF (Número de Identificação Fiscal) — the 9-digit tax identification number issued by the Portuguese Tax Authority (AT) to individuals and companies. Applies the official modulo-11 checksum algorithm to verify the check digit. Returns { valid: true, nif: string } for valid NIFs, or { valid: false, reason: string } for invalid format or failed checksum. First-digit rules are enforced: 1–3 for individuals, 5 for corporations, 6 for public entities, 7–8 for other entities, 9 for occasional taxpayers. Use when processing Portuguese invoices (faturas), onboarding suppliers, validating user registrations, or any fiscal compliance workflow. Does not query the AT database — offline format and checksum validation only. It is categorised as a Read tool in the Mcp Europe Business MCP Server, which means it retrieves data without modifying state.
Register the Mcp Europe Business MCP server in PolicyLayer and add a rule for validate_nif: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Europe Business. Nothing to install.
validate_nif is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the validate_nif rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for validate_nif. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
validate_nif is provided by the Mcp Europe Business MCP server (josemvelez78/mcp-europe-business). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →