Pernosco

20 tools. 5 can modify or destroy data without limits.

5 write tools that can modify data. Rate limits recommended.

Last updated:

5 can modify or destroy data
15 read-only
20 tools total

Community server · catalogue entry verified 02/07/2026

How to control Pernosco ↓

What Pernosco exposes to your agents

Read (15) Write / Execute (5) Destructive / Financial (0)
High Risk

The most dangerous Pernosco tools

5 of Pernosco's 20 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Pernosco

PolicyLayer is an MCP gateway — it sits between your AI agents and Pernosco, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "session_disconnect": {
    "limits": [
      {
        "counter": "session_disconnect_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "current_tasks": {
    "limits": [
      {
        "counter": "current_tasks_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Pernosco — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON PERNOSCO →

Instant setup, no code required.

All 20 Pernosco tools

READ 15 tools
Read current_tasks Get active processes and threads at the current focus moment Read dynamic_annotations Show which lines of the current source file executed at the current focus, with execution counts for loops. Es Read find_breakpoint_hits Find all hits of a specific source line. Use when you have a file:line from a stack trace or crash report. Read find_executions Find all calls to a function across the trace. Optionally evaluate C++ expressions at each call site using pri Read goto Navigate to a specific execution point by result index (from a previous query) or raw focus object Read notebook_read Read Pernosco notebook annotations saved in this session Read search Search for symbols, functions, or types by name Read session_list List available Pernosco traces (open Firefox tabs with pernos.co loaded) Read session_status Get current focus position (event number, source file, line) for the connected session Read source_read Read source code lines from the current trace. Use after stack or session_status to see code around the curren Read stack Get the call stack at the current focus position Read stdout_stderr Get stdout/stderr output around the current focus position. Output is scoped to the current process — use goto Read task_tree Get the complete process/thread hierarchy for the trace Read watch_variable Get the complete write history of a C++ variable. Evaluates the expression to find its memory address, then tr Read watchpoint_history Get complete write history for a memory address across the trace (reads all writes before and after current fo

Questions about Pernosco

How do I prevent bulk modifications through Pernosco? +

The Pernosco server has 1 write tools including session_disconnect. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Pernosco.

How many tools does the Pernosco MCP server expose? +

20 tools across 2 categories: Read, Write. 15 are read-only. 5 can modify, create, or delete data.

How do I enforce a policy on Pernosco? +

Register the Pernosco MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Pernosco tool call.

Deterministic rules across all 20 Pernosco tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

20 Pernosco tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.