텍스트를 음성으로 변환해 전화 통화로 발송하는 TTS(Text-to-Speech) 도구입니다. 수신자의 휴대폰으로 전화가 걸리며 입력된 텍스트가 음성 안내로 재생됩니다. 메시지는 최대 90 글자. ⚠️ 발신번호(reqPhone)를 사용자가 명시하지 않았다면 절대 추측하지 말고 반드시 사용자에게
AI agents invoke send_tts to trigger actions in SureM SMS MCP. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
This tool triggers an external real-world operation — placing an actual phone call to a recipient's mobile phone and playing a voice message. This is an Execute-category action as it initiates an external communication action (phone call) whose effects depend on the arguments provided.
From the tool's definition 텍스트를 음성으로 변환해 전화 통화로 발송하는 TTS(Text-to-Speech) 도구입니다. 수신자의 휴대폰으로 전화가 걸리며 입력된 텍스트가 음성 안내로 재생됩니다
Attacks that exploit this kind of access
텍스트를 음성으로 변환해 전화 통화로 발송하는 TTS(Text-to-Speech) 도구입니다. 수신자의 휴대폰으로 전화가 걸리며 입력된 텍스트가 음성 안내로 재생됩니다. 메시지는 최대 90 글자. ⚠️ 발신번호(reqPhone)를 사용자가 명시하지 않았다면 절대 추측하지 말고 반드시 사용자에게. It is categorised as a Execute tool in the SureM SMS MCP MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the SureM SMS MCP server in PolicyLayer and add a rule for send_tts: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches SureM SMS MCP. Nothing to install.
send_tts is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the send_tts rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for send_tts. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
send_tts is provided by the SureM SMS MCP server (suremapp/surem-sms-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →