Replace a JavaScript code snippet in scripts matching a URL pattern. Uses network interception to modify scripts before execution. IMPORTANT: Changes take effect after page refresh. Rules persist across page refreshes until removed. This tool: 1. Finds loaded scripts matching the URL pattern (reg...
AI agents invoke replace_script to trigger actions in ReverseCraft DevTools MCP. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
This tool intercepts network requests and replaces JavaScript code before it executes in the browser. This is an Execute-category action because it directly affects what code runs in the browser environment. The ability to modify third-party scripts and bypass anti-debugging measures gives it a high severity blast radius — an AI agent could inject malicious code, steal credentials, or circumvent security controls.
From the tool's definition Replace a JavaScript code snippet in scripts matching a URL pattern. Uses network interception to modify scripts before execution. Use cases: Modify third-party scripts, Inject debugging code, Bypass anti-debugging measure
Documented attack patterns abuse exactly the kind of access replace_script gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and ReverseCraft DevTools MCP, and nothing reaches the server without passing your rules. This is the rule we recommend for replace_script:
{
"version": "1",
"default": "deny",
"tools": {
"replace_script": {
"limits": [
{
"counter": "replace_script_rate",
"window": "minute",
"max": 10,
"scope": "grant"
}
]
}
}
}replace_script stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Replace a JavaScript code snippet in scripts matching a URL pattern. Uses network interception to modify scripts before execution. IMPORTANT: Changes take effect after page refresh. Rules persist across page refreshes until removed. This tool: 1. Finds loaded scripts matching the URL pattern (regex) 2. Registers an interception rule for the matched script URL 3. On page refresh, intercepts and modifies the script If no scripts match the pattern or old code is not found, an error is reported. Use cases: - Modify third-party scripts - Inject debugging code - Bypass anti-debugging measures - Test code changes without modifying source. It is categorised as a Execute tool in the ReverseCraft DevTools MCP MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the ReverseCraft DevTools MCP server in PolicyLayer and add a rule for replace_script: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches ReverseCraft DevTools MCP. Nothing to install.
replace_script is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the replace_script rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for replace_script. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
replace_script is provided by the ReverseCraft DevTools MCP server (reverse-craft/rc-devtools-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from ReverseCraft DevTools MCP, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
46 ReverseCraft DevTools MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.