component

Inspect the UI component tree — pages, containers, children, and binding context. op is a schema ToolName; args is its payload. Editing components is editor-only. Call guide {plugin:"component"} for the rules.

Server Zion zion-mcp
Category Read
Risk class Low
Parameters 51 required

What component does on Zion

AI agents call component to retrieve information from Zion without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

ParameterTypeRequiredDescription
op string Yes
args object
appExId string | null
projectExId string
appVersionExId string | null

Parameters from the server's own tool schema.

Why component needs a policy

The tool is described as inspecting (reading) the UI component tree. It explicitly notes that 'Editing components is editor-only,' confirming this tool only retrieves/queries data about components without modifying them. Low severity as it only exposes UI structure information.

From the tool's definition Inspect the UI component tree — pages, containers, children, and binding context

Questions about component

What does the component tool do? +

Inspect the UI component tree — pages, containers, children, and binding context. op is a schema ToolName; args is its payload. Editing components is editor-only. Call guide {plugin:"component"} for the rules. It is categorised as a Read tool in the Zion MCP Server, which means it retrieves data without modifying state.

What parameters does component accept? +

component accepts 5 parameters: op, args, appExId, projectExId, appVersionExId. Required: op. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on component? +

Register the Zion MCP server in PolicyLayer and add a rule for component: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Zion. Nothing to install.

What risk level is component? +

component is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit component? +

Yes. Add a rate_limit block to the component rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block component completely? +

Set action: deny in the PolicyLayer policy for component. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides component? +

component is provided by the Zion MCP server (zion-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// THE FULL RECORD

component is one line of Zion's registry record.

The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.