Get Zabbix API method documentation. Call this BEFORE zabbix_api() if you are unsure about method parameters. Shows required/optional parameters with types and descriptions. Args: method: Zabbix API method (format: \'object.action\'). Examples: \'host.get\', \'item.create\', \'trigger.update\' ve...
AI agents call zabbix_api_docs to retrieve information from Zabbix without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This is a pure read operation that queries documentation metadata about available Zabbix API methods. It has no side effects and poses minimal security risk as it simply informs the user about API capabilities without executing operations or accessing sensitive monitoring data.
From the tool's definition Tool retrieves and displays API documentation ('Get Zabbix API method documentation', 'Shows required/optional parameters with types and descriptions'). No data modification, deletion, or execution occurs. Returns 'Structured documentation' only.
Documented attack patterns abuse exactly the kind of access zabbix_api_docs gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Zabbix, and nothing reaches the server without passing your rules. This is the rule we recommend for zabbix_api_docs:
{
"version": "1",
"default": "deny",
"tools": {
"zabbix_api_docs": {}
}
}zabbix_api_docs is read-only, so it stays allowed — but everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Get Zabbix API method documentation. Call this BEFORE zabbix_api() if you are unsure about method parameters. Shows required/optional parameters with types and descriptions. Args: method: Zabbix API method (format: \'object.action\'). Examples: \'host.get\', \'item.create\', \'trigger.update\' version: Zabbix version (e.g., \'7.0\', \'6.0\'). If omitted, uses server version. timeout: HTTP timeout in seconds (default: 10). Returns: Structured documentation with method description, parameters, and return value. Example: zabbix_api_docs(\'host.create\') zabbix_api_docs(\'host.get\', version=\'7.0\') Note: - Always call this when in doubt about parameters - Combine with zabbix_api_list() to discover available methods. It is categorised as a Read tool in the Zabbix MCP Server, which means it retrieves data without modifying state.
Register the Zabbix MCP server in PolicyLayer and add a rule for zabbix_api_docs: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Zabbix. Nothing to install.
zabbix_api_docs is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the zabbix_api_docs rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for zabbix_api_docs. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
zabbix_api_docs is provided by the Zabbix MCP server (mpeirone/zabbix-mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from Zabbix, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
3 Zabbix tools catalogued and risk-classified — across an index of 43,000+ MCP servers.