Analyze source files directly and generate the full ${ARTIFACT_COUNT}-artifact AXIS bundle without using GitHub. Returns snapshot_id plus artifact listing; use this for local, generated, or unsaved code. Requires Authorization: Bearer <api_key>. Use analyze_repo for GitHub URLs or improve_my_agen...
AI agents call analyze_files to retrieve information from AXIS iliad without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This is a read-only analysis tool that examines source code and produces generated artifacts (documentation, canonical forms) without modifying the underlying codebase, executing arbitrary code, or causing side effects. While it requires authorization and accesses source files, it performs analysis and synthesis only. The most comparable action is "fetch" or "query" applied to a local codebase.
From the tool's definition Tool analyzes source files and generates artifacts; returns snapshot_id and artifact listing. No modification, deletion, or execution of code is performed. The tool reads and processes local code to generate documentation/artifacts.
Attacks that exploit this kind of access
Analyze source files directly and generate the full ${ARTIFACT_COUNT}-artifact AXIS bundle without using GitHub. Returns snapshot_id plus artifact listing; use this for local, generated, or unsaved code. Requires Authorization: Bearer <api_key>. Use analyze_repo for GitHub URLs or improve_my_agent_with_axis for recommendation-first agent hardening. It is categorised as a Read tool in the AXIS iliad MCP Server, which means it retrieves data without modifying state.
Register the AXIS iliad MCP server in PolicyLayer and add a rule for analyze_files: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches AXIS iliad. Nothing to install.
analyze_files is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the analyze_files rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for analyze_files. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
analyze_files is provided by the AXIS iliad MCP server (lastmanupinc-hub/axis-iliad). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →