Hide dangerous tools
Keep destructive or broad tools hidden from the agent when they are not needed for the workflow.
MCP Boundary docs
Start with explicit, inspectable rules before trying broad semantic policy.
Use concrete argument rules such as allowed customer IDs, required fields, max lengths, or required version matches.
A blocked call should return feedback the agent can act on. The downstream server should not be called for blocked effects.
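The rules above can be sketched as a small gate placed in front of a downstream tool server. This is an added example, not MCP Boundary's own configuration format or API. The tool names, rule keys, customer IDs and the `downstream` callable are all constructed for illustration.

```python
# Added illustration; not MCP Boundary's configuration format or API.
# Tool names, rule keys and customer IDs are constructed for this sketch.
POLICY = {
    "get_ticket": {
        "required": ["customer_id", "ticket_id"],
        "allowed": {"customer_id": {"cust_001", "cust_002"}},
    },
    "update_ticket": {
        "required": ["customer_id", "ticket_id", "expected_version", "note"],
        "allowed": {"customer_id": {"cust_001", "cust_002"}},
        "max_len": {"note": 500},
        "version_field": "expected_version",
    },
}  # any tool absent from POLICY (e.g. "delete_customer") stays hidden


def visible_tools(downstream_tools):
    """Filter the tool listing so hidden tools are never advertised to the agent."""
    return [t for t in downstream_tools if t["name"] in POLICY]


def check(tool, args, current_version=None):
    """Return a list of violations the agent can act on; empty means allowed."""
    rule = POLICY.get(tool)
    if rule is None:
        return [f"tool '{tool}' is not available in this workflow"]
    problems = [f"missing required field '{f}'"
                for f in rule.get("required", []) if f not in args]
    for field, allowed in rule.get("allowed", {}).items():
        if field in args and args[field] not in allowed:
            problems.append(f"'{field}' is outside the allowed set for this workflow")
    for field, limit in rule.get("max_len", {}).items():
        if len(str(args.get(field, ""))) > limit:
            problems.append(f"'{field}' exceeds max length {limit}")
    vf = rule.get("version_field")
    if vf and vf in args and args[vf] != current_version:
        problems.append(f"'{vf}' is stale; re-read the record and retry")
    return problems


def call_tool(tool, args, downstream, current_version=None):
    """Gate a call: blocked calls return feedback and never reach downstream."""
    problems = check(tool, args, current_version)
    if problems:
        return {"blocked": True, "feedback": problems}
    return {"blocked": False, "result": downstream(tool, args)}
```

The feedback strings name the failing field without echoing the allowed ID set or the current version, so a blocked call tells the agent what to fix without disclosing policy contents.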