ⓘ | Sentry | sentry.find_dsns | Secrets & Workflows | medium | high | | SOC2ISO_27001NIST_CSF | Lists project DSNs (ingest credentials). |
ⓘ | Sentry | sentry.create_team | Identity & Access | medium | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Creates a new team scope; expands access surface. |
ⓘ | Sentry | sentry.create_project | Platform & DevOps | medium | high | | SOC2ISO_27001 | Provisions a new Sentry project, expanding the monitored surface. |
ⓘ | Sentry | sentry.create_dsn | Secrets & Workflows | high | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Provisions a new ingest DSN; an attacker with the DSN can spoof events into the project. |
ⓘ | Sentry | sentry.analyze_issue_with_seer | Issues | medium | medium | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Sends issue context to Seer AI for root-cause analysis. |
| Sanity | sanity.whoami | Platform & DevOps | low | high | | | Returns the authenticated principal's identity. |
| Sanity | sanity.version_unpublish_document | Content | high | high | ⚠ SoD | SOC2ISO_27001 | Unpublishes a versioned document from the live dataset. |
| Sanity | sanity.version_replace_document | Content | medium | high | | SOC2 | Replaces a versioned document's contents wholesale. |
| Sanity | sanity.version_discard | Content | medium | high | | SOC2 | Discards an in-progress version; loses unpublished work. |
| Sanity | sanity.update_dataset | Platform & DevOps | high | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Modifies dataset visibility/access settings; can expose or hide content broadly. |
| Sanity | sanity.unpublish_documents | Content | high | high | ⚠ SoD | SOC2ISO_27001 | Pulls live documents from the public dataset; can break consuming sites. |
| Sanity | sanity.transform_image | Media | low | high | | | Applies transformations to an existing image asset. |
| Sanity | sanity.semantic_search | Data Access | low | high | | | Runs semantic search over content embeddings. |
| Sanity | sanity.search_docs | Operations | low | high | | | Searches Sanity public documentation. |
| Sanity | sanity.read_docs | Operations | low | high | | | Reads a Sanity documentation page. |
| Sanity | sanity.query_documents | Content | medium | high | | SOC2 | Runs GROQ queries that may return arbitrary content fields including drafts. |
| Sanity | sanity.publish_documents | Content | high | high | ⚠ SoD | SOC2ISO_27001 | Pushes content live to the public dataset; bypasses staged review. |
| Sanity | sanity.patch_document_from_markdown | Content | medium | high | | SOC2 | Patches a document using Markdown content. |
| Sanity | sanity.patch_document_from_json | Content | medium | high | | SOC2 | Patches an existing document with new field values. |
| Sanity | sanity.migration_guide | Operations | low | high | | | Returns Sanity migration guidance docs. |
| Sanity | sanity.list_workspace_schemas | Schema & Configuration | low | high | | | Lists workspace schemas available to the caller. |
| Sanity | sanity.list_sanity_rules | Operations | low | high | | | Lists configured Sanity assistant rules. |
| Sanity | sanity.list_releases | Content | low | high | | | Lists planned and published content releases. |
| Sanity | sanity.list_projects | Platform & DevOps | low | high | | | Returns the project directory. |
| Sanity | sanity.list_organizations | Platform & DevOps | low | high | | | Lists Sanity organizations the caller belongs to. |
| Sanity | sanity.list_embeddings_indices | Data Access | low | high | | | Lists semantic-search indices. |
| Sanity | sanity.list_datasets | Platform & DevOps | low | high | | | Lists datasets within a project. |
| Sanity | sanity.get_schema | Schema & Configuration | low | high | | | Returns the document schema for a workspace. |
| Sanity | sanity.get_sanity_rules | Operations | low | high | | | Returns details of a Sanity assistant rule. |
| Sanity | sanity.get_project_studios | Platform & DevOps | low | high | | | Lists studio deployments associated with a project. |
| Sanity | sanity.get_document | Content | low | high | | | Reads a single document's contents. |
| Sanity | sanity.generate_image | Media | low | high | | | Generates an AI image asset for use in content. |
| Sanity | sanity.discard_drafts | Content | medium | high | | SOC2 | Permanently removes draft documents. |
| Sanity | sanity.deploy_schema | Schema & Configuration | critical | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Deploys a new schema to the workspace; can break every consumer of the content API. |
| Sanity | sanity.create_version | Content | medium | high | | SOC2 | Creates a new release version of a document. |
| Sanity | sanity.create_release | Content | medium | high | | SOC2 | Creates a content release bundle for coordinated publishing. |
| Sanity | sanity.create_project | Platform & DevOps | medium | high | | SOC2 | Provisions a new Sanity project; may incur billing and create a new content surface. |
| Sanity | sanity.create_documents_from_markdown | Content | medium | high | | SOC2 | Creates content documents from Markdown input. |
| Sanity | sanity.create_documents_from_json | Content | medium | high | | SOC2 | Creates structured content documents from JSON; can publish unverified content. |
| Sanity | sanity.create_dataset | Platform & DevOps | medium | high | | SOC2 | Creates a new dataset; affects content visibility and billing. |
| Sanity | sanity.add_cors_origin | Schema & Configuration | high | high | ⚠ SoD | SOC2ISO_27001NIST_CSF | Allows a new origin to call the content API; unauthorized origins can read drafts. |
ⓘ | Salesforce | salesforce.update_devops_center_work_item_status | DevOps Center | medium | high | ⚠ SoD | SOXCOSOSOC2ISO_27001 | Moves a work item between In Progress and Ready to Promote; controls when changes become eligible for promotion to higher environments. |
ⓘ | Salesforce | salesforce.scan_apex_class_for_antipatterns | Code Analysis | low | high | | | Analyzes Apex source for performance antipatterns; static analysis with no org-side effect. |
ⓘ | Salesforce | salesforce.run_soql_query | Data | high | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Executes arbitrary SOQL against the org and returns matching records, including PII held on Contacts, Leads, Accounts, Cases, and custom objects. |
ⓘ | Salesforce | salesforce.run_code_analyzer | Code Analysis | low | high | | | Runs Salesforce Code Analyzer over local source and writes a results JSON; static analysis with no org-side effect. |
ⓘ | Salesforce | salesforce.run_apex_test | Testing & Apex Execution | critical | high | ⚠ SoD | SOXCOSOSOC2ISO_27001NIST_CSF | Executes Apex test classes in the org, which run arbitrary Apex code with the test runner's permissions and can mutate data inside testSetup or non-isolated tests. |
ⓘ | Salesforce | salesforce.run_agent_test | Testing & Apex Execution | medium | medium | | SOC2ISO_27001 | Runs Agentforce agent tests against the org; consumes agent execution quotas and exercises configured agent actions. |
ⓘ | Salesforce | salesforce.retrieve_metadata | Metadata & Deploy | medium | high | | SOC2ISO_27001 | Pulls org metadata (Apex source, page layouts, profiles) into the local DX project; exfiltrates configuration and source code. |
ⓘ | Salesforce | salesforce.resume_tool_operation | Org & Configuration | low | medium | | | Resumes a previously-started long-running operation; risk inherits from the underlying tool that originally started it. |
ⓘ | Salesforce | salesforce.resolve_devops_center_merge_conflict | DevOps Center | medium | medium | | SOXCOSOSOC2ISO_27001 | Applies a chosen resolution strategy to a merge conflict on the work item branch; rewrites version-controlled source feeding the deploy pipeline. |