| Intuit QuickBooks | intuit-quickbooks.create_purchase_order | Financial | medium | medium | | SOXCOSOSOC2 | Issues a purchase order; commitment but no GL posting. |
| Intuit QuickBooks | intuit-quickbooks.create_payment | Financial | critical | medium | ⚠ SoD | SOXCOSOPCIGLBASOC2ISO_27001PSD2 | Records a customer payment receipt; touches cash and AR balances. |
| Intuit QuickBooks | intuit-quickbooks.create_invoice | Financial | critical | medium | ⚠ SoD | SOXCOSOSOC2ISO_27001 | Creates a billable obligation and revenue recognition event in the GL. |
| Intuit QuickBooks | intuit-quickbooks.create_estimate | Financial | low | medium | | SOXCOSO | Creates a pre-sale estimate; no GL impact until converted. |
| Intuit QuickBooks | intuit-quickbooks.create_deposit | Financial | high | medium | ⚠ SoD | SOXCOSOGLBASOC2ISO_27001 | Records a bank deposit; cash account impact. |
| Intuit QuickBooks | intuit-quickbooks.create_customer | Customer | low | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Adds a new customer record with contact PII. |
| Intuit QuickBooks | intuit-quickbooks.create_credit_memo | Financial | critical | medium | ⚠ SoD | SOXCOSOSOC2ISO_27001 | Issues a credit to a customer; reduces AR and revenue. |
| Intuit QuickBooks | intuit-quickbooks.create_bill_payment | Financial | critical | medium | ⚠ SoD | SOXCOSOGLBASOC2ISO_27001PSD2 | Records cash disbursement to a vendor; direct GL impact. |
| Intuit QuickBooks | intuit-quickbooks.create_bill | Financial | high | medium | ⚠ SoD | SOXCOSOSOC2ISO_27001 | Records a new vendor bill (AP liability). |
| Intercom | intercom.update_article | Knowledge | medium | high | | SOC2 | Modifies existing Help Center content visible to customers. |
| Intercom | intercom.search_conversations | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Searches customer support conversations; results contain message bodies and customer identifiers. |
| Intercom | intercom.search_contacts | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Searches the contact directory; can enumerate users by attributes including email and custom traits. |
| Intercom | intercom.search_articles | Knowledge | low | high | | | Full-text search across Help Center articles. |
| Intercom | intercom.search | Customer | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Universal search across conversations and contacts; can surface PII at scale across the workspace. |
| Intercom | intercom.list_companies | Customer | low | high | | | Lists company accounts; firmographic metadata. |
| Intercom | intercom.list_articles | Knowledge | low | high | | | Lists Help Center articles; public or internal documentation. |
| Intercom | intercom.get_conversation | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Returns the full transcript of a customer conversation; verbatim PII and possibly sensitive disclosures. |
| Intercom | intercom.get_contact | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Retrieves a single contact's profile and attributes. |
| Intercom | intercom.get_company | Customer | low | high | | | Returns details for a single company record. |
| Intercom | intercom.get_article | Knowledge | low | high | | | Returns a single Help Center article body. |
| Intercom | intercom.fetch | Customer | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Retrieves the full record for a referenced resource; can return conversation contents and contact PII. |
| Intercom | intercom.create_article | Knowledge | medium | high | | SOC2 | Publishes new Help Center content visible to customers; reputational and accuracy risk. |
| HubSpot | hubspot.submit_feedback | Operations | low | high | | | Sends feedback about the MCP server back to HubSpot; no customer-data effect. |
| HubSpot | hubspot.search_properties | Platform & DevOps | low | high | | | Lists property metadata for CRM objects; schema introspection only. |
| HubSpot | hubspot.search_owners | Customer | low | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Looks up CRM record owners (HubSpot users) by email or id. |
| HubSpot | hubspot.search_crm_objects | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Filtered query across CRM objects; returns PII matching the criteria. |
| HubSpot | hubspot.manage_crm_objects | Customer | high | medium | ⚠ SoD | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Generic write tool that creates, updates, associates, or deletes CRM records (contacts, companies, deals, tickets); single call can mutate any standard or custom object. |
| HubSpot | hubspot.get_user_details | Identity & Access | low | high | | SOC2ISO_27001 | Returns details about the authenticated HubSpot user (the caller). |
| HubSpot | hubspot.get_properties | Platform & DevOps | low | high | | | Reads property definitions; schema introspection only. |
| HubSpot | hubspot.get_crm_objects | Customer | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIA | Reads CRM records by id; returns PII fields on contacts, companies, deals. |
| HubSpot | hubspot.get_campaign_contacts_by_type | Revenue & Pipeline | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Returns contact lists associated with a campaign — bulk PII read. |
| HubSpot | hubspot.get_campaign_asset_types | Revenue & Pipeline | low | high | | | Lists asset types attached to campaigns; metadata only. |
| HubSpot | hubspot.get_campaign_asset_metrics | Revenue & Pipeline | low | high | | | Reads per-asset campaign performance metrics. |
| HubSpot | hubspot.get_campaign_analytics | Revenue & Pipeline | low | high | | | Reads marketing campaign performance metrics; aggregate analytics. |
ⓘ | Honeycomb | honeycomb.run_query | Data Access | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Executes an analytics query over telemetry; results may include user identifiers, IPs, or request payloads embedded in events. |
ⓘ | Honeycomb | honeycomb.list_triggers | Operations | low | high | | | Lists alerting triggers; metadata-only. |
ⓘ | Honeycomb | honeycomb.list_slos | Operations | low | high | | | Lists service level objectives; reveals reliability posture. |
ⓘ | Honeycomb | honeycomb.list_datasets | Data Access | low | high | | | Enumerates available observability datasets; metadata-only read. |
ⓘ | Honeycomb | honeycomb.get_trigger | Operations | low | high | | | Returns the configuration of a single alert trigger. |
ⓘ | Honeycomb | honeycomb.get_trace_link | Data Access | low | high | | SOC2 | Returns a deep link to a specific distributed trace; trace contents may include request data. |
ⓘ | Honeycomb | honeycomb.get_slo | Operations | low | high | | | Returns SLO definition and current burn; reliability metadata. |
ⓘ | Honeycomb | honeycomb.get_instrumentation_help | Operations | low | high | | | Returns guidance on instrumenting code with Honeycomb; static help content. |
ⓘ | Honeycomb | honeycomb.get_columns | Data Access | low | high | | | Returns the schema of a dataset; reveals what fields are tracked but not their values. |
ⓘ | Honeycomb | honeycomb.analyze_columns | Data Access | low | high | | SOC2 | Computes statistical summaries over a column; aggregate-level read. |
| Hex | hex.search_projects | Data Analytics | low | high | | SOC2 | Finds Hex projects in the workspace by name or content. |
| Hex | hex.get_thread | Data Analytics | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Reads thread messages and query results; exposes prior analytic outputs over warehouse data. |
| Hex | hex.create_thread | Data Analytics | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Starts a Hex agent conversation that may execute SQL and analytic code over connected warehouses; results may include PII or financial data. |
| Hex | hex.continue_thread | Data Analytics | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Adds a follow-up question to a Hex thread, potentially executing additional warehouse queries. |
| Gusto | gusto.list_job_compensations | Employees | high | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOXCOSOSOC2ISO_27001 | Reads compensation history for a job; salary data is among the most sensitive HR fields. |
| Gusto | gusto.list_gusto_companies | Company & Organization | low | high | | SOC2 | Lists Gusto companies the connected user can access. |