Send SMS to multiple recipients
AI agents invoke send_bulk_sms to trigger actions in Ileti Merkezi. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
Sending bulk SMS triggers external real-world communication operations at scale. It is not purely a write to a local data store; it executes outbound messages to potentially large numbers of recipients, incurring costs and causing irreversible communication side effects. Financial implications exist (SMS costs), but the primary classification is Execute due to the external operation trigger.
From the tool's definition 'Send SMS to multiple recipients' — triggers external SMS delivery operations to multiple recipients via the Ileti Merkezi API
Attacks that exploit this kind of access
Send SMS to multiple recipients. It is categorised as a Execute tool in the Ileti Merkezi MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Ileti Merkezi MCP server in PolicyLayer and add a rule for send_bulk_sms: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Ileti Merkezi. Nothing to install.
send_bulk_sms is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the send_bulk_sms rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for send_bulk_sms. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
send_bulk_sms is provided by the Ileti Merkezi MCP server (theyahia/ileti-merkezi-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →