ⓘ | Egnyte | egnyte.search | Data Access | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Returns content matches across the corporate file store; can surface regulated documents agents weren't intended to see. |
ⓘ | Egnyte | egnyte.set_file_metadata | Content Management | medium | medium | ⚠ SoD | SOC2ISO_27001 | Updates file labels and metadata; may alter classification, retention, or DLP policy enforcement. |
ⓘ | Egnyte | egnyte.summarize_document | Knowledge & Copilot | medium | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2 | Generates a summary of a document; reproduces regulated content in derivative form. |
ⓘ | Egnyte | egnyte.upload_file | Content Management | medium | high | | SOC2ISO_27001 | Writes new content into the system of record; can introduce malicious or noncompliant material. |
| Figma | figma.add_code_connect_map | Code Connect | low | high | | | Adds a mapping between a Figma node and a code component. |
| Figma | figma.create_design_system_rules | Code Connect | low | high | | | Authors rule files that constrain agent-generated code. |
| Figma | figma.create_new_file | Design Authoring | low | high | | | Creates a blank Figma Design or FigJam file. |
| Figma | figma.generate_diagram | Design Authoring | low | high | | | Generates a FigJam diagram from Mermaid syntax. |
| Figma | figma.generate_figma_design | Design Authoring | low | high | | | Imports or converts a web page into a Figma design file. |
| Figma | figma.get_code_connect_map | Code Connect | low | high | | | Reads existing mappings between Figma nodes and code components. |
| Figma | figma.get_code_connect_suggestions | Code Connect | low | high | | | Suggests possible Code Connect mappings. |
| Figma | figma.get_design_context | Design Inspection | low | high | | | Reads the current Figma selection as code-ready context. |
| Figma | figma.get_figjam | Design Inspection | low | high | | | Reads a FigJam diagram's metadata and screenshots. |
| Figma | figma.get_metadata | Design Inspection | low | high | | | Returns layer metadata (IDs, names, positions) for a design. |
| Figma | figma.get_screenshot | Design Inspection | low | high | | | Captures a screenshot of the current selection. |
| Figma | figma.get_variable_defs | Design Inspection | low | high | | | Reads design tokens (colors, spacing, typography) from a selection. |
| Figma | figma.search_design_system | Design Inspection | low | high | | | Searches connected design libraries for components, variables, and styles. |
| Figma | figma.send_code_connect_mappings | Code Connect | low | high | | | Persists Code Connect mappings into the design system. |
| Figma | figma.use_figma | Design Authoring | medium | medium | | SOC2 | General-purpose write tool that can create, edit, or delete Figma objects; effects depend on parameters. |
| Figma | figma.whoami | Identity | low | high | | | Returns the authenticated user identity and plan. |
| Fireflies | fireflies.get_transcript | Meeting Intelligence | high | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Pulls a full meeting transcript; verbatim recording of private business conversations may contain PII, PHI, or material non-public information. |
| Fireflies | fireflies.get_transcripts | Meeting Intelligence | high | high | | GDPRUK_GDPRCCPAPIPEDALGPDAPPIPIPLPOPIASOC2ISO_27001 | Bulk transcript search across meeting history; aggregated personal-data exposure. |
| Fireflies | fireflies.get_user | Meeting Intelligence | low | high | | | Returns the authenticated user's profile. |
| Gamma | gamma.generate | Content Generation | medium | high | | SOC2 | Generates a presentation, document, or webpage; output may be auto-published with sharing settings the agent controls. |
| Gamma | gamma.get_folders | Content Generation | low | high | | | Lists workspace folders for organizing gammas. |
| Gamma | gamma.get_themes | Content Generation | low | high | | | Browses Gamma's theme library. |
| Gamma | gamma.read_gamma | Content Generation | low | high | | | Retrieves the contents of an existing gamma by ID or URL. |
ⓘ | GitHub | github.actions_get | Secrets & Workflows | low | high | | SOC2ISO_27001 | Reads metadata for a workflow, workflow run, or job. |
ⓘ | GitHub | github.actions_list | Secrets & Workflows | low | high | | SOC2ISO_27001 | Lists workflows, workflow runs, or jobs in a repository. |
ⓘ | GitHub | github.actions_run_trigger | Secrets & Workflows | medium | high | | SOXSOC2ISO_27001 | Triggers a workflow_dispatch or rerun event; executes CI with configured secrets and can affect deployment pipelines. |
ⓘ | GitHub | github.add_comment_to_pending_review | Code & Release | low | high | | | Adds a draft comment to an in-progress pull request review. |
ⓘ | GitHub | github.add_issue_comment | Issues | low | high | | | Posts a comment on an issue; visible to repository collaborators. |
ⓘ | GitHub | github.add_reply_to_pull_request_comment | Code & Release | low | high | | | Replies to an existing pull request review comment. |
ⓘ | GitHub | github.assign_copilot_to_issue | Operations | low | high | | | Assigns the GitHub Copilot coding agent to an issue. |
ⓘ | GitHub | github.create_branch | Repository | medium | high | | SOC2ISO_27001 | Creates a new branch in the repository; pre-condition for direct-write workflows that bypass PR review. |
ⓘ | GitHub | github.create_gist | Repository | medium | high | | SOC2ISO_27001 | Creates a gist; gists are public by default and have repeatedly been a leak vector for secrets and customer data. |
ⓘ | GitHub | github.create_or_update_file | Repository | medium | high | | SOXCOSOSOC2ISO_27001 | Writes file content directly to a branch; combined with merge_pull_request, this lets an agent ship code without going through PR review. |
ⓘ | GitHub | github.create_pull_request | Code & Release | low | high | | SOC2ISO_27001 | Opens a pull request proposing changes; review and merge gating remain in place. |
ⓘ | GitHub | github.create_pull_request_with_copilot | Operations | medium | medium | | SOC2ISO_27001 | Delegates code authorship to Copilot and opens a PR; the resulting PR still passes through normal branch-protection review, but the human-in-the-loop boundary moves from 'wrote the code' to 'approved the PR.' |
ⓘ | GitHub | github.create_repository | Repository | low | high | | SOC2ISO_27001 | Creates a new repository in an org or user account; standard provisioning event. |
ⓘ | GitHub | github.delete_file | Repository | medium | high | | SOXCOSOSOC2ISO_27001 | Removes a file from a branch via direct commit; reversible from history but bypasses PR review when used outside a feature branch. |
ⓘ | GitHub | github.dismiss_notification | Operations | low | high | | | Marks a single notification as read or done for the caller. |
ⓘ | GitHub | github.fork_repository | Repository | low | high | | | Creates a fork of an existing repository under the caller's account or org. |
ⓘ | GitHub | github.get_code_scanning_alert | Code & Release | medium | high | | SOC2ISO_27001NIST_CSF | Reads details of a code scanning alert, including vulnerable code locations and exploit hints. |
ⓘ | GitHub | github.get_commit | Repository | low | high | | | Reads metadata and diff for a single commit. |
ⓘ | GitHub | github.get_copilot_space | Operations | low | medium | | | Reads a Copilot Space configuration; returns the context the space exposes to Copilot. |
ⓘ | GitHub | github.get_dependabot_alert | Code & Release | medium | high | | SOC2ISO_27001NIST_CSF | Reads details of a Dependabot dependency vulnerability alert. |
ⓘ | GitHub | github.get_discussion | Issues | low | high | | | Reads a single discussion thread. |
ⓘ | GitHub | github.get_discussion_comments | Issues | low | high | | | Reads comments on a discussion thread. |
ⓘ | GitHub | github.get_file_contents | Repository | low | high | | SOC2ISO_27001 | Reads the contents of a file at a given ref; private repo contents may include source code and configuration. |