// SCAN REPORT

ClawMem

30 tools. 9 can modify or destroy data without limits.

2 destructive tools with no built-in limits. Policy required.

Last updated:

9 can modify or destroy data
21 read-only
30 tools total

Community server · catalogue entry verified 11/06/2026

How to control ClawMem ↓

TOOL MAP

Read (21) Write / Execute (7) Destructive / Financial (2)

MOST DANGEROUS TOOLS

Critical Risk
Destructive · High lifecycle_sweep Although the tool defaults to dry-run mode (mitigating the risk), the actual operational mode purges and archives data irreversibly. Destructive · High memory_forget This tool permanently removes or deactivates memories from the on-device persistence layer. Execute · High build_graphs The tool executes a graph-building algorithm on indexed data, which is an active computational process whose effects depend on the indexed documents provided. Execute · Medium reindex The tool executes a background operation (re-scan/reindex) whose effects on system state and performance depend on the collection contents and size.

9 of ClawMem's 30 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

HOW TO CONTROL CLAWMEM

PolicyLayer is an MCP gateway — it sits between your AI agents and ClawMem, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "lifecycle_sweep": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "memory_snooze": {
    "limits": [
      {
        "counter": "memory_snooze_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "beads_sync": {
    "limits": [
      {
        "counter": "beads_sync_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register ClawMem — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON CLAWMEM →

Free to start. No card required.

ALL 30 CLAWMEM TOOLS

DESTRUCTIVE 2 tools
Destructive lifecycle_sweep Run lifecycle policies: archive stale docs, optionally purge old archives. Defaults to dry_run (preview only). Destructive memory_forget Remove a memory by searching for the closest match and deactivating it.
EXECUTE 2 tools
Execute build_graphs Build temporal and semantic graphs for MAGMA multi-graph memory. Run after indexing documents. Execute reindex Trigger a re-scan of all collections. Detects new, changed, and deleted documents.
WRITE 5 tools
Write memory_snooze Temporarily hide a memory from context surfacing. USE PROACTIVELY when vault-context repeatedly surfaces irrel Write vault_sync Index markdown documents from a directory into a named vault. Use to populate a vault with content from a spec Write diary_write Write to the agent Write lifecycle_restore Restore documents that were auto-archived by lifecycle policies. Does NOT restore manually forgotten documents Write memory_pin Pin a memory for permanent prioritization (+0.3 boost). USE PROACTIVELY when: user states a persistent constra
READ 21 tools
Read beads_sync Sync Beads issues from Dolt backend (bd CLI) into ClawMem search index. Queries live Dolt database — no stale Read diary_read Read recent diary entries. Use to review past observations and events recorded by the agent. Read find_causal_links USE THIS to trace decision chains: Read find_similar USE THIS for Read get Retrieve document by file path or docid. Read index_stats Detailed index statistics with content type distribution, staleness info, and memory health. Read intent_search USE THIS for Read kg_query Query the knowledge graph for an entity Read lifecycle_status Show document lifecycle statistics: active, archived, forgotten, pinned, snoozed counts and policy summary. Read list_vaults Show all configured vault names and their SQLite paths. Returns empty if running in single-vault mode (default Read memory_evolution_status Get the evolution timeline for a memory document, showing how its keywords and context have changed over time Read memory_retrieve Unified memory retrieval — classifies your query and routes to the optimal search backend automatically. Use t Read multi_get Retrieve multiple documents by glob pattern or comma-separated list. Read profile Get the current user profile (static facts + dynamic context). Rebuild if stale. Read query Full hybrid search (BM25 + vector + rerank). General-purpose — use when query type is unclear. WRONG: query( Read query_plan USE THIS for complex multi-topic queries ( Read search Keyword (BM25) search for exact term lookup. Use for config names, error codes, specific filenames. DO NOT use Read session_log USE THIS when user references prior sessions: Read status Show ClawMem index status with content type distribution. Read timeline Show the temporal neighborhood around a document — what was created/modified before and after it. Token-effici Read vsearch Vector similarity search for conceptual/fuzzy matching. Use when exact keywords are unknown. DO NOT use for ca

RELATED SERVERS

Other MCP servers with similar tools — same risk classification, starter policies for each.

BNB Chain MCP 1240 tools
adminautomation
Binance MCP Server 734 tools
adminautomation
Nodebench 724 tools
adminautomation
GoHighLevel MCP Server 566 tools
adminautomation
UnClick 451 tools
adminautomation
NowAIKit — ServiceNow AI Toolkit 446 tools
adminautomation
Mcp Windows 441 tools
adminautomation
0nmcp 407 tools
adminautomation

FAQ

Can an AI agent delete data through the ClawMem MCP server? +

Yes. The ClawMem server exposes 2 destructive tools including lifecycle_sweep, memory_forget. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through ClawMem? +

The ClawMem server has 5 write tools including memory_snooze, vault_sync, diary_write. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach ClawMem.

How many tools does the ClawMem MCP server expose? +

30 tools across 4 categories: Destructive, Execute, Read, Write. 21 are read-only. 9 can modify, create, or delete data.

How do I enforce a policy on ClawMem? +

Register the ClawMem MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every ClawMem tool call.

Deterministic rules across all 30 ClawMem tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON CLAWMEM →

Free to start. No card required.

30 ClawMem tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.