// MCP TOOL REFERENCE
Medium Risk

zephyr_create_test_case_steps

Create steps for a Test Case in Zephyr. Supports inline step definitions or delegating execution to another test case (also known as 'call to test' via UI). **Examples:** 1. To the Test Case SA-T1, add steps that will test a login page. ```json { "testCaseKey": "SA-T1", "mode": "APPEND", "...

High parameter count (16 properties); Admin/system-level operation

Part of the SmartBear MCP MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.

@smartbear/mcp Write Risk 3/5
// WHEN AI AGENTS USE THIS TOOL

AI agents use zephyr_create_test_case_steps to create or modify resources in SmartBear MCP. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.

// WHY ENFORCE A POLICY ON ZEPHYR_CREATE_TEST_CASE_STEPS

Without a policy, an AI agent could call zephyr_create_test_case_steps repeatedly, creating or modifying resources faster than any human could review. Intercept's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach SmartBear MCP.

// RECOMMENDED POLICY

Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.

smartbear-mcp.yaml 
tools:
  zephyr_create_test_case_steps:
    rules:
      - action: allow
        rate_limit:
          max: 30
          window: 60

See the full SmartBear MCP policy for all 147 tools.

// DETAILS
Tool Name zephyr_create_test_case_steps
Category Write
MCP Server SmartBear MCP MCP Server
Risk Level Medium
// MORE SMARTBEAR MCP TOOLS
Destructive collaborator_delete_collaborator_remote_system_configuration Destructive reflect_cancel_suite_execution Destructive reflect_delete_previous_step Destructive swagger_delete_portal_product Destructive swagger_delete_table_of_contents Execute collaborator_reviewservice_action Execute contract-testing_can_i_deploy Execute qmetry_link_issues_to_testcase_run

View all 147 tools →

// RELATED READING
// FAQ
What does the zephyr_create_test_case_steps tool do? +

Create steps for a Test Case in Zephyr. Supports inline step definitions or delegating execution to another test case (also known as 'call to test' via UI). **Examples:** 1. To the Test Case SA-T1, add steps that will test a login page. ```json { "testCaseKey": "SA-T1", "mode": "APPEND", "items": [ { "inline": { "description": "Navigate to the login page", "expectedResult": "Login page is displayed" } }, { "inline": { "description": "Enter valid credentials and click Submit", "expectedResult": "User is redirected to the dashboard" } } ] } ``` Expected Output: The ID of the Test Steps resource and the API self URL to fetch it 2. To the Test Case MM2-T15, replace all existing steps with new ones that test the settings page for an Admin user. ```json { "testCaseKey": "MM2-T15", "mode": "OVERWRITE", "items": [ { "inline": { "description": "Open the settings page", "testData": "User role: Admin", "expectedResult": "Settings page is accessible" } }, { "inline": { "description": "Change the notification preference", "testData": "Preference: Email only", "expectedResult": "Notification preference is updated successfully" } } ] } ``` Expected Output: The ID of the Test Steps resource and the API self URL to fetch it 3. To the Test Case SA-T1, add a step that reuses the steps from the Test Case PRJ-T42 ```json { "testCaseKey": "SA-T1", "mode": "APPEND", "items": [ { "testCase": { "testCaseKey": "PRJ-T42" } } ] } ``` Expected Output: The ID of the Test Steps resource and the API self URL to fetch it. It is categorised as a Write tool in the SmartBear MCP MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on zephyr_create_test_case_steps? +

Add a rule in your Intercept YAML policy under the tools section for zephyr_create_test_case_steps. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the SmartBear MCP MCP server.

What risk level is zephyr_create_test_case_steps? +

zephyr_create_test_case_steps is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit zephyr_create_test_case_steps? +

Yes. Add a rate_limit block to the zephyr_create_test_case_steps rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block zephyr_create_test_case_steps completely? +

Set action: deny in the Intercept policy for zephyr_create_test_case_steps. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides zephyr_create_test_case_steps? +

zephyr_create_test_case_steps is provided by the SmartBear MCP MCP server (@smartbear/mcp). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policies on SmartBear MCP

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.