// SCAN REPORT

MCP Memory Keeper

40 tools. 22 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated: 11 Jun 2026

22 can modify or destroy data

18 read-only

40 tools total

Community server · catalogue entry verified 11/06/2026

How to control MCP Memory Keeper ↓

TOOL MAP

What MCP Memory Keeper exposes to your agents

Read (18) Write / Execute (21) Destructive / Financial (1)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

Critical Risk

The most dangerous MCP Memory Keeper tools

Destructive · High context_batch_delete This tool performs irreversible deletion of context data in bulk. Execute · High context_git_commit This tool performs a git commit operation, which is an external version control action that modifies the repository's history. Execute · High context_delegate The tool delegates tasks to 'specialized agents', which implies triggering external operations or spawning agent processes. Execute · Medium context_watch Creating watchers establishes persistent background processes or event listeners that execute callbacks or side effects when changes occur.

22 of MCP Memory Keeper's 40 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control MCP Memory Keeper

PolicyLayer is an MCP gateway — it sits between your AI agents and MCP Memory Keeper, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations

{
  "context_batch_delete": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "context_session_start": {
    "limits": [
      {
        "counter": "context_session_start_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "context_analyze": {
    "limits": [
      {
        "counter": "context_analyze_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register MCP Memory Keeper — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON MCP MEMORY KEEPER →

Free to start. No card required.

FULL CATALOGUE

All 40 MCP Memory Keeper tools

DESTRUCTIVE 1 tools

Destructive context_batch_delete Delete multiple context items by keys or pattern in a single atomic operation

EXECUTE 3 tools

Execute context_delegate Delegate complex analysis tasks to specialized agents Execute context_watch Create and manage watchers for real-time context change monitoring Execute context_git_commit Create git commit with automatic context save

WRITE 18 tools

Write context_session_start Start a new context session with optional project directory for git tracking Write context_cache_file Cache file content with hash for change detection Write context_integrate_tool Track events from other MCP tools Write context_reassign_channel Move context items between channels based on keys, patterns, or entire channel Write context_share Share a context item with other sessions for cross-session collaboration Write context_batch_save Save multiple context items in a single atomic operation Write context_batch_update Update multiple context items with partial updates in a single atomic operation Write context_branch_session Create a branch from current session for exploring alternatives Write context_checkpoint Create a named checkpoint of current context Write context_compress Intelligently compress old context to save space Write context_import Import previously exported session data. For security, imports are confined to the Write context_journal_entry Add a timestamped journal entry with optional tags and mood Write context_link Create a relationship between two context items Write context_merge_sessions Merge another session into the current one Write context_prepare_compaction Automatically save critical context before compaction Write context_restore_checkpoint Restore context from a checkpoint Write context_save Save a context item with optional category, priority, and privacy setting Write context_set_project_dir Set the project directory for git tracking in the current session

READ 18 tools

Read context_analyze Analyze context to extract entities and relationships Read context_channel_stats Get detailed statistics for a specific channel or all channels Read context_diff Get changes to context items since a specific point in time (timestamp, checkpoint, or relative time) Read context_file_changed Check if a file has changed since it was cached Read context_find_related Find entities related to a key or entity Read context_get Retrieve saved context by key, category, or session with enhanced filtering. Returns all accessible items (pub Read context_get_related Get items related to a given context item Read context_get_shared Get shared context items from other sessions Read context_list_channels List all channels with metadata (counts, activity, categories) Read context_search Search through saved context items with advanced filtering Read context_search_all Search across multiple or all sessions with pagination support Read context_semantic_search Search context using natural language queries Read context_session_list List recent sessions Read context_status Get current context status and statistics Read context_summarize Get AI-friendly summary of session context Read context_timeline Get timeline of activities with optional grouping Read context_visualize Generate visualization data for the knowledge graph Read context_export Export session data (context items, cached files, and checkpoints with their

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about MCP Memory Keeper

Can an AI agent delete data through the MCP Memory Keeper MCP server? +

Yes. The MCP Memory Keeper server exposes 1 destructive tools including context_batch_delete. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through MCP Memory Keeper? +

The MCP Memory Keeper server has 18 write tools including context_session_start, context_cache_file, context_integrate_tool. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach MCP Memory Keeper.

How many tools does the MCP Memory Keeper MCP server expose? +

40 tools across 4 categories: Destructive, Execute, Read, Write. 18 are read-only. 22 can modify, create, or delete data.

How do I enforce a policy on MCP Memory Keeper? +

Register the MCP Memory Keeper MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every MCP Memory Keeper tool call.

Deterministic rules across all 40 MCP Memory Keeper tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MCP MEMORY KEEPER →

Free to start. No card required.

40 MCP Memory Keeper tools catalogued and risk-classified — across an index of 43,000+ MCP servers.