// MCP TOOL REFERENCE
Medium Risk

update_concept

Update an existing concept in the knowledge graph. Call this after completing a task that changed existing features or components. Only include fields that changed.

How to control update_concept ↓

WHAT UPDATE_CONCEPT ON MEGAMEMORY DOES

AI agents use update_concept to create or update resources in MegaMemory — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your MegaMemory environment.

THE RISK

Medium Risk

This tool creates or modifies data in the knowledge graph reversibly—updates are not permanent deletions and can be corrected. This fits the Write category. Severity is medium because misconfiguration could corrupt architectural records or decision history relied upon by agents, but the effects are limited to metadata about concepts and can be rectified by subsequent updates.

From the tool's definition Tool name 'update_concept' and description states 'Update an existing concept in the knowledge graph.' This explicitly modifies existing data.

Documented attack patterns abuse exactly the kind of access update_concept gives an agent:

HOW TO CONTROL UPDATE_CONCEPT

PolicyLayer is an MCP gateway — it sits between your AI agents and MegaMemory, and nothing reaches the server without passing your rules. This is the rule we recommend for update_concept:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "update_concept": {
      "limits": [
        {
          "counter": "update_concept_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

update_concept stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

  1. Create a free account and register MegaMemory — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

More MegaMemory tools

Destructive remove_concept Soft-delete a concept from the knowledge graph. The concept and its removal reason are pre Write create_concept Add a new concept to the knowledge graph. Call this after completing a task to record new Write link Create a relationship between two existing concepts. Write resolve_conflict Resolve a merge conflict by providing the correct resolved content. Read both conflict ver Read get_concept Look up a concept by its exact ID. Returns the concept with its full context including chi Read list_conflicts List all unresolved merge conflicts in the knowledge graph, grouped by merge_group. Each g Read list_roots List all top-level concepts in the knowledge graph with their direct children. Call this a Read understand Query the project knowledge graph. Call this before starting any task to load relevant con

All 9 MegaMemory tools →

Write tools on other servers

Frida Game Hacking MCP resolve_symbol Pentest Ai close_engagement Firecrawl Web Scraping Server firecrawl_generate_llmstxt MCP Kling apply_video_effect

Go deeper

FAQ

What does the update_concept tool do? +

Update an existing concept in the knowledge graph. Call this after completing a task that changed existing features or components. Only include fields that changed. It is categorised as a Write tool in the MegaMemory MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on update_concept? +

Register the MegaMemory MCP server in PolicyLayer and add a rule for update_concept: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches MegaMemory. Nothing to install.

What risk level is update_concept? +

update_concept is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit update_concept? +

Yes. Add a rate_limit block to the update_concept rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block update_concept completely? +

Set action: deny in the PolicyLayer policy for update_concept. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides update_concept? +

update_concept is provided by the MegaMemory MCP server (0xk3vin/megamemory). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every MegaMemory tool call.

Deterministic rules across all 9 MegaMemory tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN MEGAMEMORY →

Free to start. No card required.

9 MegaMemory tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.