Before writing to a project for the first time in a session, call assess_integration_state to understand client URL patterns and integration state. Create or update a translation key in the sandbox (upsert). SOURCE LOCALE REQUIRED: The project default (source) locale value MUST be included in val...
AI agents use set_translation to create or update resources in Localization — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Localization environment.
| Parameter | Type | Required | Description |
|---|---|---|---|
key | string | Yes | Translation key name (e.g. 'button.save', 'errors.notFound') |
values | object | Yes | Locale-to-value map. The source/default locale MUST always be included — other locales are optional (partial update). Locale codes must match the project exactl |
context | string | — | Context improves translation quality and reduces ambiguity (max 1000 chars). Describe: where the text appears (screen, dialog, notification), UI element type (b |
namespace | string | Yes | Namespace slug (e.g. 'backoffice-translations') |
projectSlug | string | Yes | Project slug |
Parameters from the server's own tool schema.
The tool creates or updates translation entries (Write category). It modifies data but does not irreversibly delete or destroy content, nor does it execute arbitrary code or move money. The severity is medium because misconfiguration could affect many localized strings across an application, impacting user-facing content; however, the changes are reversible and confined to a sandbox/controlled localization system.
From the tool's definition Tool description states 'Create or update a translation key' and 'upsert', indicating reversible creation/modification of data in a sandbox environment.
Attacks that exploit this kind of access
Before writing to a project for the first time in a session, call assess_integration_state to understand client URL patterns and integration state. Create or update a translation key in the sandbox (upsert). SOURCE LOCALE REQUIRED: The project default (source) locale value MUST be included in values on both create and update — omitting it returns 400. For other locales: partial update is fine — only the locales you pass are changed, others are untouched. Example: values={ 'en': 'Save', 'nb-NO': 'Lagre' } — en is required, nb-NO is the new value. Locale codes must exactly match the project's locale codes — call get_project_details first. Invalid codes are rejected, not auto-corrected. Always writes to sandbox only. For updating many keys at once, use bulk_set_locale (single locale) or bulk_import (multiple locales). It is categorised as a Write tool in the Localization MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
set_translation accepts 5 parameters: key, values, context, namespace, projectSlug. Required: key, values, namespace, projectSlug. The full parameter table on this page comes from the server's own tool schema.
Register the Localization MCP server in PolicyLayer and add a rule for set_translation: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Localization. Nothing to install.
set_translation is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the set_translation rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for set_translation. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
set_translation is provided by the Localization MCP server (localization-mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →