Woocommerce

Unverified
NPM@lockon0927/woocommerce-mcp
FRisk gradecritical blast radius
Catalogue entry updated 7 days ago
Auth postureNot probedno remote endpoint probed yet
Tools551 Financial · 3 Destructive · 1 Execute · 18 Write · 32 Read
Worst categoryFinancialgrade tracks the peak, not the average
Capability mix
Financial 1Destructive 3Execute 1Write 18Read 32
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Money-movingCan move funds or commit obligations — treat every call as consequential.
Tools 55
woo_orders_refunds_createFinancialCriticalwoo_coupons_deleteDestructiveHighwoo_orders_deleteDestructiveCriticalwoo_products_deleteDestructiveHighwoo_system_tools_runExecuteCritical
View all 55 tools
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
woo_orders_refunds_createrequire approval
woo_coupons_deletedeny
woo_system_tools_runrequire approval
woo_coupons_createrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →
DIRECT INSTALL npx -y @lockon0927/woocommerce-mcp

Installed this way, nothing enforces the recommended policy above — calls run exactly as the agent makes them.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.