Manage HashPilot MCP server state through backup/restore/export operations. OPERATIONS: - backup: Create timestamped backup (excludes private keys by default for security) - restore: Restore state from backup file (can merge or replace) - export: Export state to JSON for inspection or sharing USE...
AI agents use state_manage to create or update resources in HashPilot — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your HashPilot environment.
The tool's primary risk comes from the 'restore' operation which can overwrite server state by merging or replacing configuration. While backups and exports are benign, the ability to restore state—potentially overwriting addressbook entries, account configurations, and other server-side settings—constitutes a Write operation.
From the tool's definition Tool description explicitly states it performs 'backup/restore/export operations' and mentions 'Restore state from backup file (can merge or replace)' which modifies server state.
Attacks that exploit this kind of access
Manage HashPilot MCP server state through backup/restore/export operations. OPERATIONS: - backup: Create timestamped backup (excludes private keys by default for security) - restore: Restore state from backup file (can merge or replace) - export: Export state to JSON for inspection or sharing USE THIS FOR: State persistence, migration, disaster recovery, debugging. It is categorised as a Write tool in the HashPilot MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the HashPilot MCP server in PolicyLayer and add a rule for state_manage: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches HashPilot. Nothing to install.
state_manage is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the state_manage rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for state_manage. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
state_manage is provided by the HashPilot MCP server (justmert/hashpilot). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
state_manage is one line of HashPilot's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →