Every MCP tool in the SCOPE compliance index, grouped by server — risk posture, regulatory exposure, and the tools that warrant tighter governance.
Stytch
1 critical 2 high 2 med 2 low · 7 tools · 3 SoD-flagged
regimes APPICCPAGDPRISO_27001LGPDNIST_CSFNY_DFS_500PIPEDAPIPLPOPIASOC2UK_GDPR
Tools needing tighter control (3 of 7)
stytch.updateConsumerSDKConfig critical conf highhuman approval
Reconfigures consumer SDK settings, enabled auth products, and permissions; misconfiguration can disable MFA or lock users out at scale.
stytch.createRedirectURLs high conf highhuman approval
Registers new authentication callback URLs; an attacker-controlled URL here enables credential interception.
stytch.createPublicToken high conf mediumhuman approval
Issues a new public token for a project; expands the set of identifiers that can initiate auth flows.
All other tools (4)
stytch.createProject medium conf highaudit
Creates a new Stytch project; expands the workspace's authentication footprint.
stytch.getAllPublicTokens medium conf mediumaudit
Reads public tokens used by client applications; intended public credentials but still a credential.
stytch.getAllRedirectURLs low conf highallow
Reads registered redirect URLs for the project.
stytch.listProjects low conf highallow
Lists Stytch projects in the workspace.