Block Secrets in Slack Messages
Blocks Slack send-message tool calls whose message body looks like it contains a secret — API keys, passwords, tokens, or PEM-formatted private keys.
Blocks Slack send-message tool calls whose message body looks like it contains a secret — API keys, passwords, tokens, or PEM-formatted private keys.
Blocks HubSpot CRM-object calls that move a deal into a closed stage (closedwon or closedlost). Both create and update requests are inspected.
Blocks HubSpot CRM-object calls that create or change associations between objects (deal↔company, contact↔company, etc.).
Blocks HubSpot CRM-object update calls that set or change a deal's owner.
Blocks HubSpot CRM-object calls that set or change a contact's lifecycle stage.
Makes the HubSpot connection read-only by blocking the write tool.
Keeps issues that belong to a configurable set of "sensitive" JIRA projects out of read access through the JIRA MCP server.
Blocks write operations against issues that belong to a configurable set of "sensitive" JIRA projects.
Blocks Salesforce Contact updates that modify protected fields — ownership, account linkage, contact PII, name, and consent flags.
Restricts Salesforce SOQL queries so only Account, Contact, and Opportunity records can be retrieved.
Restricts the Salesforce MCP server to read-only access.
Blocks Slack channel-creation tool calls at ingress. Every other Slack tool — and every non-Slack tool — passes through untouched.
Blocks read, search, and summarize operations that target a configurable set of "sensitive" Slack channels.
Blocks Slack message-write calls whose destination resolves to a direct conversation — a 1:1 DM, a message posted to a user ID (which Slack auto-opens as a…