Perform automatic cleanup of old output files based on age and retention policies. Supports dry-run mode for safety. Automatically preserves recent files while cleaning up old ones to manage disk space.
AI agents call perform_auto_cleanup to permanently remove resources in MCP Shell Server — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.
The tool deletes output files based on age/retention policies. File deletion is irreversible, placing this in the Destructive category. The dry-run mode confirms the default execution path removes files permanently. Severity is high because an AI agent could misconfigure retention policies or trigger cleanup prematurely, causing loss of significant execution history and outputs across multiple sessions.
From the tool's definition 'automatic cleanup of old output files' and 'cleaning up old ones to manage disk space' — permanently removes files; dry-run mode implies the real mode irreversibly deletes data
Attacks that exploit this kind of access
Perform automatic cleanup of old output files based on age and retention policies. Supports dry-run mode for safety. Automatically preserves recent files while cleaning up old ones to manage disk space. It is categorised as a Destructive tool in the MCP Shell Server MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the MCP Shell Server MCP server in PolicyLayer and add a rule for perform_auto_cleanup: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches MCP Shell Server. Nothing to install.
perform_auto_cleanup is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the perform_auto_cleanup rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for perform_auto_cleanup. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
perform_auto_cleanup is provided by the MCP Shell Server MCP server (mako10k/mcp-shell-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →