This function calls a specific Nodit Blockchain Context API using its operationId. Before making the call, it's recommended to verify the detailed API specifications using the 'get_nodit_api_spec' tool. Please note that using this tool will consume your API quota.
AI agents invoke call_nodit_api to trigger actions in Nodit. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
| Parameter | Type | Required | Description |
|---|---|---|---|
chain | string | Yes | Nodit chain to call. e.g. 'ethereum' or 'polygon'. |
network | string | Yes | Nodit network to call. e.g. 'mainnet' or 'amoy'. |
pathParams | object | — | Path parameters that fill {placeholders} in the request URL (e.g. { address: '0x...' }). Map each 'path' parameter from get_nodit_api_spec to a key here. |
operationId | string | Yes | Nodit API operationId to call. Must include the chain prefix (e.g., 'ethereum-eth_blocknumber', 'polygon-eth_blocknumber', 'aptos-getAccount'). |
queryParams | object | — | Query string parameters appended to the request URL (e.g. { 'pagination.limit': 10 }). Map each 'query' parameter from get_nodit_api_spec to a key here. |
requestBody | object | — | JSON request body for POST/PUT endpoints (JSON-RPC, etc.). Not for path/query parameters — use pathParams/queryParams for those. |
Parameters from the server's own tool schema.
This tool executes external API calls to a blockchain service. The effect depends entirely on which operationId is invoked — it could be a read, write, or even a destructive/financial operation. Since the tool is a general-purpose API caller whose behavior varies by arguments and can trigger arbitrary blockchain operations, Execute is the most appropriate base category.
From the tool's definition 'calls a specific Nodit Blockchain Context API using its operationId' and 'using this tool will consume your API quota'
Attacks that exploit this kind of access
This function calls a specific Nodit Blockchain Context API using its operationId. Before making the call, it's recommended to verify the detailed API specifications using the 'get_nodit_api_spec' tool. Please note that using this tool will consume your API quota. It is categorised as a Execute tool in the Nodit MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
call_nodit_api accepts 6 parameters: chain, network, pathParams, operationId, queryParams, requestBody. Required: chain, network, operationId. The full parameter table on this page comes from the server's own tool schema.
Register the Nodit MCP server in PolicyLayer and add a rule for call_nodit_api: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Nodit. Nothing to install.
call_nodit_api is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the call_nodit_api rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for call_nodit_api. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
call_nodit_api is provided by the Nodit MCP server (@noditlabs/nodit-mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →