| Supabase | supabase.confirm_cost | Account Management | medium | medium | | SOX, COSO | Acknowledges projected cost; precondition for paid resource creation. |
| Supabase | supabase.apply_migration | Database | critical | high | ⚠ SoD | SOX, COSO, SOC2, ISO_27001, NIST_CSF | Applies a DDL migration to the live database; can alter or drop schema with no review gate. |
| Stytch | stytch.updateConsumerSDKConfig | SDK & Auth Configuration | critical | high | ⚠ SoD | SOC2, ISO_27001, NIST_CSF, NY_DFS_500, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA | Reconfigures consumer SDK settings, enabled auth products, and permissions; misconfiguration can disable MFA or lock users out at scale. |
| Stytch | stytch.listProjects | Project Management | low | high | | | Lists Stytch projects in the workspace. |
| Stytch | stytch.getAllRedirectURLs | Redirect URLs | low | high | | SOC2 | Reads registered redirect URLs for the project. |
| Stytch | stytch.getAllPublicTokens | Public Tokens | medium | medium | | SOC2, ISO_27001 | Reads public tokens used by client applications; intended public credentials but still a credential. |
| Stytch | stytch.createRedirectURLs | Redirect URLs | high | high | ⚠ SoD | SOC2, ISO_27001, NIST_CSF, GDPR, UK_GDPR, CCPA | Registers new authentication callback URLs; an attacker-controlled URL here enables credential interception. |
| Stytch | stytch.createPublicToken | Public Tokens | high | medium | ⚠ SoD | SOC2, ISO_27001, NIST_CSF | Issues a new public token for a project; expands the set of identifiers that can initiate auth flows. |
| Stytch | stytch.createProject | Project Management | medium | high | | SOC2, ISO_27001 | Creates a new Stytch project; expands the workspace's authentication footprint. |
| Stripe | stripe.update_subscription | Revenue & Pipeline | high | high | ⚠ SoD | SOX, COSO, PCI, SOC2, ISO_27001 | Changes plan, quantity, or trial state of a recurring billing relationship. |
| Stripe | stripe.update_dispute | Financial | high | high | ⚠ SoD | PCI, SOX, COSO, SOC2, ISO_27001, PSD2 | Submits or modifies dispute evidence; affects chargeback outcome and revenue. |
| Stripe | stripe.search_stripe_resources | Platform & DevOps | medium | medium | | PCI, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2 | Generic search across Stripe resources; can return PII and financial data. |
| Stripe | stripe.search_stripe_documentation | Platform & DevOps | low | high | | | Searches Stripe public documentation; no account data accessed. |
| Stripe | stripe.retrieve_balance | Financial | low | high | | SOX, COSO, SOC2, ISO_27001 | Reads current available and pending Stripe balance. |
| Stripe | stripe.list_subscriptions | Revenue & Pipeline | medium | high | | SOX, COSO, PCI, SOC2, ISO_27001, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA | Reads recurring billing arrangements including customer, plan, and amount. |
| Stripe | stripe.list_products | Revenue & Pipeline | low | high | | | Reads catalog products; metadata only. |
| Stripe | stripe.list_prices | Revenue & Pipeline | low | high | | | Reads pricing definitions; catalog metadata only. |
| Stripe | stripe.list_payment_intents | Financial | medium | high | | PCI, SOX, COSO, SOC2, ISO_27001, PSD2 | Reads payment attempts including amounts, status, and last-four card data. |
| Stripe | stripe.list_invoices | Financial | medium | high | | SOX, COSO, PCI, SOC2, ISO_27001 | Reads invoice history including amounts and customer references. |
| Stripe | stripe.list_disputes | Financial | medium | high | | PCI, SOX, COSO, SOC2, ISO_27001, PSD2 | Reads chargeback / dispute records including amounts and reason codes. |
| Stripe | stripe.list_customers | Customer | high | high | | GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, PCI, SOC2, ISO_27001 | Bulk read of customer records including billing PII; export risk at scale. |
| Stripe | stripe.list_coupons | Revenue & Pipeline | low | high | | | Reads available discount instruments. |
| Stripe | stripe.get_stripe_account_info | Platform & DevOps | low | high | | SOC2, ISO_27001 | Reads metadata about the connected Stripe account. |
| Stripe | stripe.finalize_invoice | Financial | critical | high | ⚠ SoD | SOX, COSO, PCI, SOC2, ISO_27001, PSD2 | Locks the invoice and triggers payment collection; commits revenue. |
| Stripe | stripe.fetch_stripe_resources | Platform & DevOps | medium | medium | | PCI, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2 | Generic fetch of arbitrary Stripe resources by id; PII and financial exposure depends on target. |
| Stripe | stripe.execute_analytics | Financial | medium | medium | | SOX, COSO, PCI, SOC2, ISO_27001 | Runs aggregate analytics queries across Stripe data; can return broad financial signals. |
| Stripe | stripe.create_refund | Financial | critical | high | ⚠ SoD | SOX, COSO, PCI, SOC2, ISO_27001, PSD2 | Moves money back to the customer; direct GL impact and chargeback exposure. |
| Stripe | stripe.create_product | Revenue & Pipeline | medium | high | | SOX, COSO | Defines a new sellable item in the Stripe catalog. |
| Stripe | stripe.create_price | Revenue & Pipeline | high | high | ⚠ SoD | SOX, COSO, SOC2, ISO_27001 | Defines pricing applied to subsequent invoices; revenue-recognition relevant. |
| Stripe | stripe.create_payment_link | Financial | high | high | ⚠ SoD | PCI, SOX, COSO, SOC2, ISO_27001, PSD2 | Generates a publicly shareable URL that initiates a payment flow against your account. |
| Stripe | stripe.create_invoice_item | Financial | high | high | | SOX, COSO, PCI, SOC2, ISO_27001 | Adds line items to a draft invoice; affects amount billed to the customer. |
| Stripe | stripe.create_invoice | Financial | critical | high | ⚠ SoD | SOX, COSO, PCI, SOC2, ISO_27001 | Creates a billable invoice in Stripe; revenue recognition event tied to the GL. |
| Stripe | stripe.create_customer | Customer | medium | high | | GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, PCI | Creates a customer record holding billing PII (name, email, address). |
| Stripe | stripe.create_coupon | Revenue & Pipeline | medium | high | ⚠ SoD | SOX, COSO, SOC2 | Creates a discount instrument; can be applied to reduce future invoice amounts. |
| Stripe | stripe.cancel_subscription | Revenue & Pipeline | high | high | ⚠ SoD | SOX, COSO, PCI, SOC2, ISO_27001 | Ends a recurring revenue stream; reverses future-period revenue recognition. |
| Square | square.make_api_request | API Execution | critical | high | ⚠ SoD | SOX, COSO, PCI, GLBA, PSD2, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001 | Generic dispatcher that executes any Square API call: payments, refunds, customer PII, orders, catalog, payouts. Effective scope equals the connected merchant's full Square access. |
| Square | square.get_type_info | Discovery | low | high | | | Returns parameter requirements for a Square API type; documentation read. |
| Square | square.get_service_info | Discovery | low | high | | | Lists methods available for a Square API service; documentation read. |
| Snowflake | snowflake.SYSTEM_EXECUTE_SQL | Data Access | critical | high | ⚠ SoD | SOX, COSO, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001, NIST_CSF | Runs arbitrary SQL with the connected role's full privileges; can read or modify any table the role can reach. |
| Snowflake | snowflake.sql_exec_tool | Data Access | critical | high | ⚠ SoD | SOX, COSO, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001, NIST_CSF | Canonical Snowflake-published name for the SQL execution tool; same blast radius as SYSTEM_EXECUTE_SQL. |
| Snowflake | snowflake.GENERIC | Generic / User-Defined | medium | low | | SOC2, ISO_27001 | Catch-all type for user-defined functions and stored procedures exposed as MCP tools; risk depends on the UDF body. |
| Snowflake | snowflake.CORTEX_SEARCH_SERVICE_QUERY | Cortex Search & Analyst | high | high | | GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001 | Queries indexed unstructured content (documents, support cases, contracts) via Cortex Search; can surface PII or proprietary text. |
| Snowflake | snowflake.CORTEX_ANALYST_MESSAGE | Cortex Search & Analyst | high | high | | SOX, COSO, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001 | Natural-language query over a semantic view; returns structured business metrics that can include revenue or PII. |
| Snowflake | snowflake.CORTEX_AGENT_RUN | Cortex Search & Analyst | high | medium | ⚠ SoD | SOX, COSO, GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2, ISO_27001, NIST_CSF | Invokes a managed Cortex Agent which can in turn call SQL, search, and custom tools; effective privileges are the agent's. |
| Smartsheet | smartsheet.update_rows | Rows | medium | medium | | GDPR, UK_GDPR, CCPA, PIPEDA, LGPD, APPI, PIPL, POPIA, SOC2 | Modifies tracked row data; can alter project status, financial figures, or PII. |
| Smartsheet | smartsheet.update_comment | Discussions & Comments | low | high | | | Modifies the text of an existing comment. |
| Smartsheet | smartsheet.update_column | Columns | medium | high | | SOC2 | Changes column properties; can silently alter data validation or formulas. |
| Smartsheet | smartsheet.search | Discovery & Navigation | low | high | | | Searches accessible Smartsheet assets by name or content; read surface. |
| Smartsheet | smartsheet.list_workspaces | Discovery & Navigation | low | high | | | Enumerates accessible workspaces; surface mapping for the agent. |
| Smartsheet | smartsheet.list_sheet_discussions | Discussions & Comments | low | high | | | Reads all discussions on a sheet. |