Get the list of students enrolled in a specific class. Returns name, email, join date, current streak and total points.
AI agents call get_class_roster to retrieve information from Easycslearning without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This is a straightforward read operation that queries enrolled student information. No data is created, modified, deleted, or used to trigger external operations. The returned information is educational metadata (names, emails, engagement metrics) rather than sensitive personally identifiable information. Blast radius of misuse is low—unauthorized roster access is a privacy concern but not operationally destructive.
From the tool's definition Tool name 'get_class_roster' and description 'Get the list of students enrolled in a specific class' indicate a retrieval operation. The server description explicitly states 'read-only access'.
Attacks that exploit this kind of access
Get the list of students enrolled in a specific class. Returns name, email, join date, current streak and total points. It is categorised as a Read tool in the Easycslearning MCP Server, which means it retrieves data without modifying state.
Register the Easycslearning MCP server in PolicyLayer and add a rule for get_class_roster: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Easycslearning. Nothing to install.
get_class_roster is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the get_class_roster rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for get_class_roster. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
get_class_roster is provided by the Easycslearning MCP server (tsfir/easycslearning_mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
get_class_roster is one line of Easycslearning's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →