Personality を部分更新する (PATCH 相当)。
AI agents use update_personality to create or update resources in Poranos Mcp Ainpc — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Poranos Mcp Ainpc environment.
This tool modifies personality configuration data reversibly without deleting or executing arbitrary code. It is a Write operation because updates can be undone (reverted to previous versions). Severity is medium because modifying NPC personality parameters could affect system behavior, but the context indicates versioning and audit logging are in place to track and recover from changes.
From the tool's definition Tool name is 'update_personality' and description indicates PATCH-style partial updates to personality data. The Japanese description '部分更新する' confirms this modifies existing personality records.
Attacks that exploit this kind of access
Personality を部分更新する (PATCH 相当)。. It is categorised as a Write tool in the Poranos Mcp Ainpc MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Poranos Mcp Ainpc MCP server in PolicyLayer and add a rule for update_personality: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Poranos Mcp Ainpc. Nothing to install.
update_personality is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the update_personality rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for update_personality. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
update_personality is provided by the Poranos Mcp Ainpc MCP server (kkoba23/poranos-mcp-ainpc). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →