// MCP TOOL REFERENCE
Low Risk

inspect_role

Read the current role configuration draft. Returns tool permissions, system access levels (with inline custom rules), members assigned to this role, and lists of available tools/systems.

How to control inspect_role ↓

WHAT INSPECT_ROLE ON SUPERGLUE MCP DOES

AI agents call inspect_role to retrieve information from Superglue MCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

THE RISK

Low Risk

This tool retrieves and queries role configuration metadata (permissions, access levels, members, available tools/systems) without modifying, deleting, or executing any operations. It is a read-only inspection operation with minimal blast radius if misused by an agent.

From the tool's definition Tool name 'inspect_role' and description 'Read the current role configuration draft. Returns tool permissions, system access levels..., members assigned to this role, and lists of available tools/systems.' - the verb 'Read' and 'Returns' indicate data…

Documented attack patterns abuse exactly the kind of access inspect_role gives an agent:

HOW TO CONTROL INSPECT_ROLE

PolicyLayer is an MCP gateway — it sits between your AI agents and Superglue MCP, and nothing reaches the server without passing your rules. This is the rule we recommend for inspect_role:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "inspect_role": {}
  }
}

inspect_role is read-only, so it stays allowed — but everything else on the server is denied unless you say otherwise.

  1. Create a free account and register Superglue MCP — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
CAP THIS TOOL →

Free to start. No card required.

EXPLORE

More Superglue MCP tools

Execute run_tool Executes a tool — either a draft (by draftId) or a saved tool (by toolId), not both. Keep Execute authenticate_oauth Initiates OAuth flow for a system. Credentials (client_id/secret) must already be stored o Execute call_system Explore APIs, databases, and file servers, verify authentication, test endpoints, and exam Execute test_role_access Test a custom rule expression against a sample stepConfig. Evaluates a JS expression local Write build_tool Builds a new superglue tool by accepting the full tool configuration JSON. Successful Write create_system Creates and saves a new system. If credentials are provided, a confirmation UI appears tha Write edit_role Edit a role Write edit_system Edits an existing system. Provide only the fields to change — omitted fields are preserved

All 21 Superglue MCP tools →

Read tools on other servers

Frida Game Hacking MCP check_installation Procmon analyze_pe MegaMemory get_concept WireMCP analyze_pcap

Go deeper

FAQ

What does the inspect_role tool do? +

Read the current role configuration draft. Returns tool permissions, system access levels (with inline custom rules), members assigned to this role, and lists of available tools/systems. It is categorised as a Read tool in the Superglue MCP MCP Server, which means it retrieves data without modifying state.

How do I enforce a policy on inspect_role? +

Register the Superglue MCP server in PolicyLayer and add a rule for inspect_role: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Superglue MCP. Nothing to install.

What risk level is inspect_role? +

inspect_role is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit inspect_role? +

Yes. Add a rate_limit block to the inspect_role rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block inspect_role completely? +

Set action: deny in the PolicyLayer policy for inspect_role. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides inspect_role? +

inspect_role is provided by the Superglue MCP server (superglue-ai/superglue). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Superglue MCP tool call.

Deterministic rules across all 21 Superglue MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN SUPERGLUE →

Free to start. No card required.

21 Superglue MCP tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.