AI agents call xhs_read_posting_guidelines to retrieve information from XHS-MCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool reads posting guidelines and generates suggestions based on them. It retrieves information without creating side effects, modifying data, executing external operations, or making financial transactions. The tool is purely informational and analytical in nature.
From the tool's definition Tool name 'xhs_read_posting_guidelines' and description '读取发帖指导原则并生成发帖计划建议' (read posting guidelines and generate posting plan suggestions) indicate retrieval and analysis of guidelines. No modification, deletion, execution, or financial operations occur.
Attacks that exploit this kind of access
读取发帖指导原则并生成发帖计划建议。注意:要添加待发布的笔记,请使用 xhs_create_or_update_post 工具,传入标题和内容等参数。标题将作为唯一键,如果已存在相同标题的笔记则会更新。. It is categorised as a Read tool in the XHS-MCP MCP Server, which means it retrieves data without modifying state.
Register the XHS- MCP server in PolicyLayer and add a rule for xhs_read_posting_guidelines: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches XHS-MCP. Nothing to install.
xhs_read_posting_guidelines is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the xhs_read_posting_guidelines rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for xhs_read_posting_guidelines. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
xhs_read_posting_guidelines is provided by the XHS- MCP server (lastkimi/xhs-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →