cleanup_session

Remove a specific session and all its associated data from the database.

Server Codeviewer master0ffate/codeviewer-mcp
Category Destructive
Risk class Critical
Parameters 00 required

What cleanup_session does on Codeviewer

AI agents call cleanup_session to permanently remove resources in Codeviewer — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.

Why cleanup_session needs a policy

This tool permanently deletes session records and associated data from a database, which cannot be undone. This is irreversible data destruction, making it a Destructive action rather than merely Write (which would be reversible). While the blast radius is limited to session metadata rather than critical user data, the irreversible nature and potential loss of review context/history warrants high severity.

From the tool's definition The tool description explicitly states 'Remove a specific session and all its associated data from the database,' indicating irreversible deletion of data.

Questions about cleanup_session

What does the cleanup_session tool do? +

Remove a specific session and all its associated data from the database. It is categorised as a Destructive tool in the Codeviewer MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on cleanup_session? +

Register the Codeviewer MCP server in PolicyLayer and add a rule for cleanup_session: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Codeviewer. Nothing to install.

What risk level is cleanup_session? +

cleanup_session is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit cleanup_session? +

Yes. Add a rate_limit block to the cleanup_session rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block cleanup_session completely? +

Set action: deny in the PolicyLayer policy for cleanup_session. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides cleanup_session? +

cleanup_session is provided by the Codeviewer MCP server (master0ffate/codeviewer-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.