新規ページを作成。既存ページの場合は全置換される。WebSocket API経由で即時作成。
AI agents use create_page to create or update resources in MCP Template — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your MCP Template environment.
This tool creates new pages or completely replaces existing ones, which constitutes data modification. While the replacement behavior ('全置換') could suggest destructive potential, the primary function is creation/modification (Write category), and the reversibility depends on backup systems outside this tool's scope. The tool does not inherently prevent undo or recovery.
From the tool's definition Tool description states '新規ページを作成' (create new page) and '既存ページの場合は全置換される' (if an existing page exists, it will be completely replaced). The tool creates or modifies data.
Attacks that exploit this kind of access
新規ページを作成。既存ページの場合は全置換される。WebSocket API経由で即時作成。. It is categorised as a Write tool in the MCP Template MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the MCP Template MCP server in PolicyLayer and add a rule for create_page: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches MCP Template. Nothing to install.
create_page is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the create_page rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for create_page. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
create_page is provided by the MCP Template MCP server (masseater/scrapbox-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →