Move a deal to a specific stage. Use list_stages to find stage_id. Auto-backed up.
AI agents use move_deal_to_stage to create or update resources in Mcp Pipedrive — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Mcp Pipedrive environment.
Moving a deal to a different stage modifies deal state reversibly—the action can be undone by moving it back. This is a Write operation (creates or modifies data reversibly), not Destructive (no irreversible deletion).
From the tool's definition Tool description states 'Move a deal to a specific stage' and notes 'Auto-backed up', indicating a reversible modification of deal data.
Attacks that exploit this kind of access
Move a deal to a specific stage. Use list_stages to find stage_id. Auto-backed up. It is categorised as a Write tool in the Mcp Pipedrive MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Mcp Pipedrive MCP server in PolicyLayer and add a rule for move_deal_to_stage: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Pipedrive. Nothing to install.
move_deal_to_stage is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the move_deal_to_stage rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for move_deal_to_stage. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
move_deal_to_stage is provided by the Mcp Pipedrive MCP server (leonardoceron-yvy/yvy-mcp-pipedrive). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →