// MCP TOOL REFERENCE
Critical Risk →

delete_secret

delete_secret

Part of the Q Ring server.

delete_secret can permanently delete data in Q Ring, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE Q RING →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents may call delete_secret to permanently remove or destroy resources in Q Ring. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.

Without a policy, an AI agent could call delete_secret in a loop, permanently destroying resources in Q Ring. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.

RECOMMENDED POLICY

Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.

policy.json 
{
  "version": "1",
  "default": "deny",
  "hide": [
    "delete_secret"
  ]
}

See the full Q Ring policy for all 50 tools.

Get this rule live on your own Q Ring server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY Q RING →

MORE Q RING TOOLS

Destructive remove_hook Destructive tunnel_destroy Write env_generate Write export_audit Write export_secrets Write generate_secret Write import_dotenv Write register_hook

View all 50 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access delete_secret gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so delete_secret only ever does what you allow.

SECURE Q RING →

OTHER DESTRUCTIVE TOOLS

Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.

AbraFlexi contact_delete AbraFlexi evidence_delete AbraFlexi invoice_issued_delete AbraFlexi product_delete ACR — Agent Composition Records acknowledge_signal Ae ae_delete_layer

RELATED READING

FAQ

What does the delete_secret tool do? +

delete_secret. It is categorised as a Destructive tool in the Q Ring MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on delete_secret? +

Register the Q Ring MCP server in PolicyLayer and add a rule for delete_secret: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Q Ring. Nothing to install.

What risk level is delete_secret? +

delete_secret is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit delete_secret? +

Yes. Add a rate_limit block to the delete_secret rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block delete_secret completely? +

Set action: deny in the PolicyLayer policy for delete_secret. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides delete_secret? +

delete_secret is provided by the Q Ring MCP server (@i4ctime/q-ring). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Q Ring tool call.

Deterministic rules across all 50 Q Ring tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE Q RING →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.