Subscribe to industry (NACE) monitoring: when any Norwegian company in the chosen industry triggers a monitored event (new announcement, status change such as bankruptcy/dissolution, or ownership update), Firmaradar delivers a webhook to your URL. Use list_nace_codes first to resolve the exact co...
Risk signalsAccepts URL/endpoint input (url) · High parameter count (11 properties)
Part of the Firmaradar server.
Free to start. No card required.
AI agents use firmaradar_subscribe_nace to create or modify resources in Firmaradar. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call firmaradar_subscribe_nace repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Firmaradar.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
{
"version": "1",
"default": "deny",
"tools": {
"firmaradar_subscribe_nace": {
"limits": [
{
"counter": "firmaradar_subscribe_nace_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}See the full Firmaradar policy for all 31 tools.
These attack patterns abuse exactly the kind of access firmaradar_subscribe_nace gives an agent. Each links to the full case and the policy that stops it:
Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Subscribe to industry (NACE) monitoring: when any Norwegian company in the chosen industry triggers a monitored event (new announcement, status change such as bankruptcy/dissolution, or ownership update), Firmaradar delivers a webhook to your URL. Use list_nace_codes first to resolve the exact code. A subscription on a parent code matches all child codes. Restrict events (e.g. ['status_changed']) and use geographic/size filters to cut volume in large industries, or pick a digest aggregation_mode. Idempotent — upserted on (user, nace_code), so re-subscribing the same code updates it. Requires a user whose plan has Firmaovervakning enabled. Call only when the user has asked to set up industry monitoring.. It is categorised as a Write tool in the Firmaradar MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Firmaradar MCP server in PolicyLayer and add a rule for firmaradar_subscribe_nace: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Firmaradar. Nothing to install.
firmaradar_subscribe_nace is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the firmaradar_subscribe_nace rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for firmaradar_subscribe_nace. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
firmaradar_subscribe_nace is provided by the Firmaradar MCP server (https://mcp.firmaradar.no/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 31 Firmaradar tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.