Buy shares in a prediction market. Buy YES if you think the event will happen, NO if you think it won\
AI agents use agora_trade to commit financial operations through Agora MCP Server — usually the final step of a payment, billing, or trading workflow. A call moves real money.
This tool directly executes financial transactions by buying shares in a prediction market. It commits real or virtual financial value on behalf of the user, placing it firmly in the Financial category. Misuse by an AI agent could result in unintended financial commitments or losses, making the severity critical.
From the tool's definition 'Buy shares in a prediction market. Buy YES if you think the event will happen, NO if you think it won\'t' — explicitly purchases shares, committing financial resources in a prediction market
Attacks that exploit this kind of access
Buy shares in a prediction market. Buy YES if you think the event will happen, NO if you think it won\. It is categorised as a Financial tool in the Agora MCP Server MCP Server, which means it involves financial transactions. Block by default and require explicit approval.
Register the Agora MCP Server MCP server in PolicyLayer and add a rule for agora_trade: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Agora MCP Server. Nothing to install.
agora_trade is a Financial tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the agora_trade rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for agora_trade. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
agora_trade is provided by the Agora MCP Server MCP server (kevins-openclaw-lab/agora-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →