Manage adventuring parties and members. 👥 PARTY LIFECYCLE: 1. Create characters with character_manage first 2. create - Form a new party (can include initialMembers) 3. add_member - Add characters to existing party ⚔️ WORKFLOW: - set_leader: Designate party leader for social interactions - set_a...
AI agents use party_manage to create or update resources in Rpg — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Rpg environment.
party_manage modifies game entities (parties and their members) through create, add, update, and delete operations. While delete is present, in the context of a game engine managing fictional party data, deletion is reversible (parties can be recreated, characters exist independently via character_manage).
From the tool's definition The tool supports create, update, and delete actions on party data. The description explicitly lists 'create' (form new party), 'add_member' (modify party), 'set_leader' and 'set_active' (update state), and the actions list includes 'dele[te]'.
Documented attack patterns abuse exactly the kind of access party_manage gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Rpg, and nothing reaches the server without passing your rules. This is the rule we recommend for party_manage:
{
"version": "1",
"default": "deny",
"tools": {
"party_manage": {
"limits": [
{
"counter": "party_manage_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}party_manage stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Manage adventuring parties and members. 👥 PARTY LIFECYCLE: 1. Create characters with character_manage first 2. create - Form a new party (can include initialMembers) 3. add_member - Add characters to existing party ⚔️ WORKFLOW: - set_leader: Designate party leader for social interactions - set_active: Switch POV character for narrative focus - get_context: AI-friendly party summary for story generation 🗺️ TRAVEL: - move: Relocate party on world map (requires worldId) - get_position: Query current party location - get_in_region: Find nearby parties Actions: create, get, list, update, delete, add_member, remove_member, update_member, set_leader, set_active, get_members, get_context, get_unassigned, move, get_position, get_in_region Aliases: new/form->create, join/recruit->add_member, leader->set_leader, active/pov->set_active, roster->get_members, travel/goto->move. It is categorised as a Write tool in the Rpg MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Rpg MCP server in PolicyLayer and add a rule for party_manage: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rpg. Nothing to install.
party_manage is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the party_manage rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for party_manage. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
party_manage is provided by the Rpg MCP server (mnehmos/mnehmos.rpg.mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from Rpg, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
47 Rpg tools catalogued and risk-classified — across an index of 43,000+ MCP servers.