forgot_password

Send a password reset email to an email-authenticated Yaver user. The reset link expires in 1 hour. Rate-limited to 5 requests per email per day.

Server Yaver yaver-cli
Category Destructive
Risk class Critical
Parameters 11 required

What forgot_password does on Yaver

AI agents call forgot_password to permanently remove resources in Yaver — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.

ParameterTypeRequiredDescription
email string Yes Email address of the account to reset

Parameters from the server's own tool schema.

Why forgot_password needs a policy

An AI agent that decides to call forgot_password doesn't hesitate, doesn't double-check, and doesn't stop at one. Whatever it removes from Yaver is gone — there is no undo for destructive operations.

Questions about forgot_password

What does the forgot_password tool do? +

Send a password reset email to an email-authenticated Yaver user. The reset link expires in 1 hour. Rate-limited to 5 requests per email per day. It is categorised as a Destructive tool in the Yaver MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

What parameters does forgot_password accept? +

forgot_password accepts 1 parameter: email. Required: email. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on forgot_password? +

Register the Yaver MCP server in PolicyLayer and add a rule for forgot_password: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Yaver. Nothing to install.

What risk level is forgot_password? +

forgot_password is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit forgot_password? +

Yes. Add a rate_limit block to the forgot_password rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block forgot_password completely? +

Set action: deny in the PolicyLayer policy for forgot_password. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides forgot_password? +

forgot_password is provided by the Yaver MCP server (yaver-cli). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.