Validates a Brazilian CPF (Cadastro de Pessoas Físicas) — the 11-digit individual taxpayer identification number issued by the Receita Federal. Applies the official two-pass modulo-11 checksum algorithm. Returns { valid: boolean, cpf: string } for valid CPFs, or { valid: false, reason: string } f...
AI agents call validate_cpf to retrieve information from Mcp Latam Business without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool retrieves and validates existing data (a CPF number) against a known algorithm, producing only a boolean validity result and metadata. It has no side effects, does not modify any records, and does not trigger external operations or financial transactions.
From the tool's definition Tool performs validation only: 'Applies the official two-pass modulo-11 checksum algorithm. Returns { valid: boolean, cpf: string }... Offline validation only — does not query Receita Federal.' No data modification, deletion, or external state changes occur.
Attacks that exploit this kind of access
Validates a Brazilian CPF (Cadastro de Pessoas Físicas) — the 11-digit individual taxpayer identification number issued by the Receita Federal. Applies the official two-pass modulo-11 checksum algorithm. Returns { valid: boolean, cpf: string } for valid CPFs, or { valid: false, reason: string } for invalid format or failed checksum. Rejects known invalid sequences (all same digits). Use when processing Brazilian e-commerce orders, fintech onboarding, KYC flows, or any compliance workflow requiring a verified Brazilian individual tax ID. Offline validation only — does not query Receita Federal. It is categorised as a Read tool in the Mcp Latam Business MCP Server, which means it retrieves data without modifying state.
Register the Mcp Latam Business MCP server in PolicyLayer and add a rule for validate_cpf: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Latam Business. Nothing to install.
validate_cpf is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the validate_cpf rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for validate_cpf. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
validate_cpf is provided by the Mcp Latam Business MCP server (josemvelez78/mcp-latam-business). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →