Critical-risk tools in MemOS

Critical severity MemOS MCP Server 3 of 10 tools

3 of the 10 tools in MemOS are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

delete_kb_documents Destructive

Trigger: Use when specific documents in a Knowledge Base should be removed. Purpose: Delete documents from a Knowledge Base by their IDs.
delete_memory Destructive

Trigger: User explicitly asks to delete memories. Purpose: Delete memories by ID. STRICT RULES: 1. **PREREQUISITE**: If the user did NOT provide IDs, you MUST call \
remove_knowledge_base Destructive

Trigger: User requests to remove a Knowledge Base from the project. Purpose: Remove a Knowledge Base association.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in MemOS

Tools at critical risk

Attacks that target this class

More on MemOS

Enforce policy on every MemOS tool call.