Session Buddy

80 tools. 39 can modify or destroy data without limits.

3 destructive tools with no built-in limits. Policy required.

Last updated:

39 can modify or destroy data
41 read-only
80 tools total

Community server · catalogue entry verified 29/06/2026

How to control Session Buddy ↓

What Session Buddy exposes to your agents

Read (41) Write / Execute (36) Destructive / Financial (3)
Critical Risk

The most dangerous Session Buddy tools

39 of Session Buddy's 80 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Session Buddy

PolicyLayer is an MCP gateway — it sits between your AI agents and Session Buddy, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cleanup_serverless_sessions": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "apply_pattern": {
    "limits": [
      {
        "counter": "apply_pattern_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "access_log_stats": {
    "limits": [
      {
        "counter": "access_log_stats_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Session Buddy — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON SESSION BUDDY →

Instant setup, no code required.

All 80 Session Buddy tools

WRITE 21 tools
Write apply_pattern Record a pattern application for tracking and learning. Write auto_compact Automatically trigger conversation compaction with intelligent summary. Write capture_successful_pattern Capture a successful pattern for cross-project reuse. Write configure_llm_provider Configure an LLM provider with API credentials and settings. Write configure_serverless_storage Configure storage backend for serverless sessions. Write create_pool Create a new worker pool with exactly 3 workers. Write create_serverless_session Create a new serverless session with external storage. Write create_session_context Create a new session context snapshot. Write create_team Create a new team for knowledge sharing. Write end End Claude session with cleanup, learning capture, and handoff file creation. Write extract_and_store_memory_tool Extract entities using cascade and persist to v2 tables (when enabled). Write permissions Manage session permissions for trusted operations to avoid repeated prompts. Write pre_compact_sync Sync session state before context compaction (called via PreCompactHook). Write preserve_current_context Preserve current development context before an interruption. Write rate_pattern_outcome Rate the outcome of a pattern application. Write restore_session_context Restore a previously saved session context. Write store_conversation Manually store a conversation with embedding support. Write store_conversation_checkpoint Store a conversation checkpoint from current session context. Write sync_claude_qwen_config Sync Claude and Qwen provider configurations. Write update_serverless_session Update serverless session data and optionally extend TTL. Write vote_on_reflection Vote on a team reflection (upvote/downvote).
READ 41 tools
Read access_log_stats Return access statistics from memory_access_log. Read check_pool_health Get health status of pools. Read checkpoint Perform mid-session quality checkpoint with workflow analysis and optimization recommendations. Read feature_flags_status Return current feature flag values. Read find_usages Find all usages of a symbol across the codebase. Read get_active_files Get list of actively edited files in recent minutes. Read get_activity_summary Get activity summary for the specified number of hours. Read get_context_insights Get contextual insights from recent activity. Read get_conversation_statistics Get statistics about stored conversations. Read get_ide_diagnostics Get IDE-level diagnostics for a file from PyCharm. Read get_intelligence_stats Get statistics about the intelligence system. Read get_interruption_history Get history of interruptions for debugging and analysis. Read get_metrics_summary Get summary statistics of session metrics. Read get_pool_manager_status Get status of the pool manager. Read get_pool_status Get detailed status of a specific pool. Read get_prometheus_metrics Get Prometheus metrics (not available). Read get_serverless_session Get serverless session state from external storage. Read get_skill_details Get detailed information about a specific skill. Read get_symbol_info Get information about a code symbol. Read get_team_statistics Get team statistics and activity. Read health_check Simple health check that doesn't require database or session context. Read list_llm_providers List all available LLM providers and their models. Read list_pools List all worker pools. Read list_serverless_sessions List serverless sessions with optional filtering. Read list_session_metrics List all available session metrics with descriptions. Read list_skills List learned skills available for workflow guidance. Read ping Simple ping endpoint to test MCP connectivity. Read pycharm_health Check health of PyCharm MCP integration. Read quality_monitor Phase 3: Proactive quality monitoring with early warning system. Read rollout_plan Return a staged enablement plan for features (read-only guidance). Read search_code_patterns Search for code patterns across all indexed files. Read search_conversations Search conversations by semantic similarity. Read search_reflections search_reflections Read search_similar_patterns Search for patterns similar to the current context. Read search_team_knowledge Search team reflections with access control. Read server_info Get basic server information without requiring session context. Read session_welcome Display session connection information and previous session details. Read status Get current session status and project context information with health checks. Read suggest_improvements Get proactive workflow improvement suggestions based on learned skills. Read test_llm_providers Test all LLM providers to check their availability and functionality. Read test_serverless_storage Test all configured storage backends (Redis, S3, local).

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Session Buddy

Can an AI agent delete data through the Session Buddy MCP server? +

Yes. The Session Buddy server exposes 3 destructive tools including cleanup_serverless_sessions, delete_pool, delete_serverless_session. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Session Buddy? +

The Session Buddy server has 21 write tools including apply_pattern, auto_compact, capture_successful_pattern. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Session Buddy.

How many tools does the Session Buddy MCP server expose? +

80 tools across 4 categories: Destructive, Execute, Read, Write. 41 are read-only. 39 can modify, create, or delete data.

How do I enforce a policy on Session Buddy? +

Register the Session Buddy MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Session Buddy tool call.

Deterministic rules across all 80 Session Buddy tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

80 Session Buddy tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.