get_card

Request a one-time virtual card to make a purchase on behalf of a user. The card is issued instantly if the user's agent rules allow it. If the amount exceeds the user's spending limits, the request is escalated for manual approval in the user's tru dashboard. The card auto-expires after 60 minut...

Server Tru tru-mcp
Category Financial
Risk class Critical
Parameters 91 required

What get_card does on Tru

AI agents use get_card to commit financial operations through Tru — usually the final step of a payment, billing, or trading workflow. A call moves real money.

ParameterTypeRequiredDescription
email string Yes Email address of the tru user who will be charged
action string The action being performed (e.g. 'purchase products', 'book flight'). Used to evaluate action permission rules.
app_id string The tru app ID to charge as (required when using shared API key)
currency string Currency code (default: 'usd')
request_id string ID of an approved charge request from request_payment. When provided, issues a virtual card for that already-approved amount instead of creating a new charge.
description string What this purchase is for (shown to the user)
amount_cents integer Amount in cents (e.g. 4999 for $49.99). Required unless request_id is provided.
source_label string Label identifying the source of this personal charge (e.g. 'Claude Code — David's MacBook Pro'). Required for personal charges without an app_id. On first use,
target_service string The merchant or service where this card will be used (e.g. 'clayking.com')

Parameters from the server's own tool schema.

Why get_card needs a policy

This tool directly initiates financial transactions by issuing a virtual payment card that can be used to make purchases on behalf of a user. Even though it is one-time and time-limited, it commits real financial obligations and moves money, placing it firmly in the Financial category. Misuse could result in unauthorized purchases, making severity critical.

From the tool's definition Request a one-time virtual card to make a purchase on behalf of a user... The card is issued instantly if the user's agent rules allow it... can only be used once

Questions about get_card

What does the get_card tool do? +

Request a one-time virtual card to make a purchase on behalf of a user. The card is issued instantly if the user's agent rules allow it. If the amount exceeds the user's spending limits, the request is escalated for manual approval in the user's tru dashboard. The card auto-expires after 60 minutes and can only be used once. If you already have an approved request_id from request_payment, pass it to get a card for that approved amount. It is categorised as a Financial tool in the Tru MCP Server, which means it involves financial transactions. Block by default and require explicit approval.

What parameters does get_card accept? +

get_card accepts 9 parameters: email, action, app_id, currency, request_id, description, amount_cents, source_label, target_service. Required: email. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on get_card? +

Register the Tru MCP server in PolicyLayer and add a rule for get_card: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Tru. Nothing to install.

What risk level is get_card? +

get_card is a Financial tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit get_card? +

Yes. Add a rate_limit block to the get_card rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block get_card completely? +

Set action: deny in the PolicyLayer policy for get_card. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides get_card? +

get_card is provided by the Tru MCP server (tru-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.