Return the current git branch for every configured repo. Respects the enabled flag and showReferenceRepos toggle.
AI agents call get_branch_status to retrieve information from Agentic Bits Claude Plugin without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool retrieves git branch status information from configured repositories without making any changes to the repositories, the configuration, or any other system state. It is a pure read operation that respects visibility flags but does not modify them. The blast radius of misuse is minimal—an agent could only gain visibility into which branches are active across repositories, which is informational only.
From the tool's definition Tool description states it will 'Return the current git branch for every configured repo' with no mention of modifications, deletions, or code execution.
Risk signalsBulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Return the current git branch for every configured repo. Respects the enabled flag and showReferenceRepos toggle. It is categorised as a Read tool in the Agentic Bits Claude Plugin MCP Server, which means it retrieves data without modifying state.
Register the Agentic Bits Claude Plugin MCP server in PolicyLayer and add a rule for get_branch_status: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Agentic Bits Claude Plugin. Nothing to install.
get_branch_status is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the get_branch_status rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for get_branch_status. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
get_branch_status is provided by the Agentic Bits Claude Plugin MCP server (onesmartguy/agentic-bits-claude-plugin). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →