Map product whitespace across the user's existing ACCOUNTS against a product catalog: for each account, which catalogue products are unsold, the penetration %, and a whitespace score weighted by account quality (ARR + health). Returns the portfolio-level penetration plus accounts ranked by unsold...
AI agents call find_whitespace to retrieve information from StackSwap without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
accounts | array | Yes | Accounts as loose records. Recognized fields (with aliases): products/skus, arr/mrr, health/healthScore, name/company. |
catalogProducts | array | Yes | The full sellable product set to measure penetration against. |
Parameters from the server's own tool schema.
find_whitespace retrieves and analyzes data from user accounts and product catalogs to identify unsold products and market opportunities. It produces insights (penetration %, whitespace scores, ranked accounts) without creating, modifying, deleting, or executing external operations. This is a classic Read operation: querying and aggregating existing data for reporting purposes.
From the tool's definition Tool description explicitly states it 'Map[s] product whitespace', 'Returns the portfolio-level penetration', and is a 'strategic penetration map' that analyzes existing account data without modifying it.
Attacks that exploit this kind of access
Map product whitespace across the user's existing ACCOUNTS against a product catalog: for each account, which catalogue products are unsold, the penetration %, and a whitespace score weighted by account quality (ARR + health). Returns the portfolio-level penetration plus accounts ranked by unsold-surface x quality, with the specific unsold products listed. Requires catalogProducts (your sellable set) and accepts loosely-typed account records (products/skus, arr, health normalized). This is the strategic penetration map; for a propensity-weighted, dollar-valued go-after list use score_expansion_opportunities. Operates only on the user's own book — never a prospecting list. Use when the user asks 'where is our whitespace', 'which products are under-penetrated', or pastes accounts plus a catalog. It is categorised as a Read tool in the StackSwap MCP Server, which means it retrieves data without modifying state.
find_whitespace accepts 2 parameters: accounts, catalogProducts. Required: accounts, catalogProducts. The full parameter table on this page comes from the server's own tool schema.
Register the StackSwap MCP server in PolicyLayer and add a rule for find_whitespace: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches StackSwap. Nothing to install.
find_whitespace is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the find_whitespace rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for find_whitespace. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
find_whitespace is provided by the StackSwap MCP server (StonesofCreation/stackswap-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →