install_plugin

Install a Grafana plugin by its plugin ID. If the version is not already confirmed with the user, omit it — the tool will look up the latest version and return it for confirmation before installing.

Server Mcp Grafana Npx mcp-grafana-npx
Category Execute
Risk class High
Parameters 21 required

What install_plugin does on Mcp Grafana Npx

AI agents invoke install_plugin to trigger actions in Mcp Grafana Npx. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.

ParameterTypeRequiredDescription
version string The exact version to install. Must be confirmed with the user before calling — if unknown, omit this field to look up the latest version first.
pluginId string Yes The plugin ID to install (e.g. 'grafana-image-renderer', 'grafana-piechart-panel')

Parameters from the server's own tool schema.

Why install_plugin needs a policy

Installing a plugin executes an operation that modifies the running Grafana environment by adding new software. This goes beyond a simple write (data creation/modification) as it installs executable code/extensions into the system. Misuse could introduce malicious plugins, making severity high.

From the tool's definition 'Install a Grafana plugin by its plugin ID' — installs software/plugins into the Grafana instance, triggering an external installation operation

Questions about install_plugin

What does the install_plugin tool do? +

Install a Grafana plugin by its plugin ID. If the version is not already confirmed with the user, omit it — the tool will look up the latest version and return it for confirmation before installing. It is categorised as a Execute tool in the Mcp Grafana Npx MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

What parameters does install_plugin accept? +

install_plugin accepts 2 parameters: version, pluginId. Required: pluginId. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on install_plugin? +

Register the Mcp Grafana Npx MCP server in PolicyLayer and add a rule for install_plugin: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Grafana Npx. Nothing to install.

What risk level is install_plugin? +

install_plugin is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit install_plugin? +

Yes. Add a rate_limit block to the install_plugin rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block install_plugin completely? +

Set action: deny in the PolicyLayer policy for install_plugin. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides install_plugin? +

install_plugin is provided by the Mcp Grafana Npx MCP server (mcp-grafana-npx). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.