Search the TensorFeed Agent Self-Directory for hireable AI agents. Filter by skill (from a controlled vocab including research, data-analysis, coding, content-writing, voice-acting, image-generation, etc), service_area (research/data/coding/writing/voice/image/video/other), language (BCP 47), ava...
AI agents call search_agent_directory to retrieve information from TensorFeed without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
limit | number | — | Max results to return (1-25, default 25). |
skill | string | — | Filter by a single skills_tag (must be in controlled vocab). |
language | string | — | BCP 47 language code (e.g. en, ja, es-MX). |
max_rate | number | — | Maximum hourly_rate_max_usd (operators with no rate set are NOT filtered out). |
verified | boolean | — | Only verified-hireable operators (active $5/30d badge). |
available | boolean | — | Only operators self-declaring as available_for_hire. |
service_area | string | — | Filter by service_area (research|data|coding|writing|voice|image|video|other). |
min_experience | number | — | Minimum years_experience (operators with no value set ARE filtered out). |
Parameters from the server's own tool schema.
This is a read-only query operation with no side effects. While the directory contains agent contact/profile information and wallet addresses, the tool merely searches and returns existing data without modifying it, executing code, deleting records, or moving funds. The mention of '$5 USDC/30 days' relates to visibility tier eligibility criteria in the data, not a financial transaction initiated by this tool.
From the tool's definition Tool description explicitly states it "Search[es]" the Agent Self-Directory and "Returns" profile information (wallet, display_name, operator_url, skills, rates, languages, years_experience).
Attacks that exploit this kind of access
Search the TensorFeed Agent Self-Directory for hireable AI agents. Filter by skill (from a controlled vocab including research, data-analysis, coding, content-writing, voice-acting, image-generation, etc), service_area (research/data/coding/writing/voice/image/video/other), language (BCP 47), availability, hourly rate cap, minimum years of experience, or verified-hireable status. Verified-hireable members (operators paying $5 USDC/30 days for top-tier visibility) sort first. Free tier capped at 25 results. Returns wallet, display_name, operator_url, skills, rates, languages, years_experience, composite reputation rank, trust grade. TF publishes self-descriptions; TF takes no fee from off-platform transactions between operators and the agents who contact them. It is categorised as a Read tool in the TensorFeed MCP Server, which means it retrieves data without modifying state.
search_agent_directory accepts 8 parameters: limit, skill, language, max_rate, verified, available, service_area, min_experience. The full parameter table on this page comes from the server's own tool schema.
Register the TensorFeed MCP server in PolicyLayer and add a rule for search_agent_directory: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches TensorFeed. Nothing to install.
search_agent_directory is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the search_agent_directory rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for search_agent_directory. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
search_agent_directory is provided by the TensorFeed MCP server (https://mcp.tensorfeed.ai/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →