High-risk tools in Nan Forget
7 of the 13 tools in Nan Forget are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- memory_checkpoint (Execute): Call this BEFORE telling the user a task is done. Captures the full problem→solution context as a structured memory for future sessions. Use after: bug fixes, feature implementa...
- memory_clean (Execute): Run garbage collection on memories. Archives decayed (unused) memories, removes expired ones, deduplicates near-identical entries, and syncs MEMORY.md. Use after consolidation o...
- memory_compress (Execute): Compress local .md memory files that have been persisted to the DB. Replaces redundant files with minimal stubs to keep context window clean. Call after a long session or when c...
- memory_consolidate (Execute): Consolidate aging memories into compact long-term entries. Clusters related memories by topic, summarizes them (LLM if available, deterministic fallback), and creates new search...
- memory_health (Execute): Check if nan-forget services are running (Ollama, REST API). Call this at the start of each session to verify everything is ready. If services are down, ask the user if they wan...
- memory_start (Execute): Start all nan-forget services (Ollama, REST API). Only call this after the user confirms they want services started. Starts Ollama and the REST API.
- memory_sync (Execute): IMPORTANT: Call this ONCE at the start of every session. Lightweight handshake — checks if services are running, reports how many memories are available, and shows recent memory...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.