Subscribe to or cancel a creator
AI agents use manage_membership to commit financial operations through Kreato MCP Server — usually the final step of a payment, billing, or trading workflow. A call moves real money.
Subscribing to a creator involves committing to recurring payments (a financial obligation), placing this firmly in the Financial category. Cancellation is also included, but the most severe action is the subscription/payment commitment. Misuse could result in unauthorized recurring charges.
From the tool's definition Subscribe to or cancel a creator — subscribing initiates a recurring financial obligation; cancelling terminates one. Combined with server context of 'managing memberships' for Web3 creator monetization.
Attacks that exploit this kind of access
Subscribe to or cancel a creator. It is categorised as a Financial tool in the Kreato MCP Server MCP Server, which means it involves financial transactions. Block by default and require explicit approval.
Register the Kreato MCP Server MCP server in PolicyLayer and add a rule for manage_membership: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Kreato MCP Server. Nothing to install.
manage_membership is a Financial tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the manage_membership rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for manage_membership. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
manage_membership is provided by the Kreato MCP Server MCP server (kreatospace/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →