// MCP TOOL REFERENCE
Critical Risk →

invarium_manage_scenario

Manage a scenario: update its fields, delete it, or toggle its active state. IMPORTANT: Deletion is permanent and irreversible. When action="delete", you MUST first call this tool WITHOUT confirm=true. The tool will return a confirmation prompt listing the scenario to be deleted. Show this to th...

Part of the Invarium MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.

invarium-ai/invarium Destructive Risk 4/5
// WHEN AI AGENTS USE THIS TOOL

AI agents may call invarium_manage_scenario to permanently remove or destroy resources in Invarium. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. Intercept blocks destructive tools by default and requires explicit human approval before enabling them.

// WHY ENFORCE A POLICY ON INVARIUM_MANAGE_SCENARIO

Without a policy, an AI agent could call invarium_manage_scenario in a loop, permanently destroying resources in Invarium. There is no undo for destructive operations. Intercept blocks this tool by default and only allows it when a human explicitly approves the action.

// RECOMMENDED POLICY

Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.

invarium-ai-invarium.yaml 
tools:
  invarium_manage_scenario:
    rules:
      - action: deny
        reason: "Blocked by default — enable with approval"

See the full Invarium policy for all 19 tools.

// DETAILS
Tool Name invarium_manage_scenario
Category Destructive
MCP Server Invarium MCP Server
Risk Level Critical
// MORE INVARIUM TOOLS
Destructive invarium_delete_agent Execute invarium_dashboard Execute invarium_prepare_blueprint Execute invarium_sync_results Write invarium_connect Write invarium_create_scenario Write invarium_generate_tests Write invarium_setup_tracing

View all 19 tools →

// WHAT CAN GO WRONG

Agents calling destructive-class tools like invarium_manage_scenario have been implicated in these attack patterns. Read the full case and prevention policy for each:

Browse the full MCP Attack Database →

// OTHER DESTRUCTIVE TOOLS ACROSS MCP SERVERS

Other tools in the Destructive risk category across the catalogue. The same policy patterns (deny, require_approval) apply to each.

AbraFlexi contact_delete AbraFlexi evidence_delete AbraFlexi invoice_issued_delete AbraFlexi product_delete Agent Passport System — Cryptographic Identity for AI Agents remove_intent_card Agent Passport System — Cryptographic Identity for AI Agents revoke_delegation
// IN CONTEXT OF CRITICAL RISK

invarium_manage_scenario is one of the critical-risk operations in Invarium. For the full severity-focused view — only the critical-risk tools with their recommended policies — see the breakdown for this server, or browse all critical-risk tools across every MCP server.

// RELATED READING
// FAQ
What does the invarium_manage_scenario tool do? +

Manage a scenario: update its fields, delete it, or toggle its active state. IMPORTANT: Deletion is permanent and irreversible. When action="delete", you MUST first call this tool WITHOUT confirm=true. The tool will return a confirmation prompt listing the scenario to be deleted. Show this to the user and only re-call with confirm=true after they explicitly approve. NEVER set confirm=true on the first call. NEVER delete multiple scenarios in a loop without showing the user the full list and getting one explicit confirmation for the batch. Args: scenario_id: ID of the scenario to manage. action: Operation to perform — "update", "delete", or "toggle". name: New name for the scenario (update only). description: New description for the scenario (update only). expected_behavior: New expected behavior text (update only). tags: JSON array string of tags, e.g. '["auth", "edge-case"]' (update only). confirm: Required for delete — must be true to execute deletion. First call without confirm to get a confirmation prompt. Returns: A confirmation string on success, or an error message on failure.. It is categorised as a Destructive tool in the Invarium MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on invarium_manage_scenario? +

Add a rule in your Intercept YAML policy under the tools section for invarium_manage_scenario. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Invarium MCP server.

What risk level is invarium_manage_scenario? +

invarium_manage_scenario is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit invarium_manage_scenario? +

Yes. Add a rate_limit block to the invarium_manage_scenario rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block invarium_manage_scenario completely? +

Set action: deny in the Intercept policy for invarium_manage_scenario. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides invarium_manage_scenario? +

invarium_manage_scenario is provided by the Invarium MCP server (invarium-ai/invarium). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policies on Invarium

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.