index_repair

THE RISK

High Risk

Why index_repair needs a policy

Index repair triggers an active repair/rebuild operation on the storage index, which is an execution of a maintenance process rather than a simple read or write. It modifies internal index structures and validates processes, making it Execute. Misuse could corrupt or destabilize the search/storage system, warranting high severity.

From the tool's definition '인덱스를 수동으로 복구하고 인덱싱 프로세스를 검증합니다' — manually repairs missing indexes and validates indexing processes

Documented attack patterns abuse exactly the kind of access index_repair gives an agent:

POLICY

How to control index_repair

PolicyLayer is an MCP gateway — it sits between your AI agents and Work Memory MCP Server, and nothing reaches the server without passing your rules. This is the rule we recommend for index_repair:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "index_repair": {
      "limits": [
        {
          "counter": "index_repair_rate",
          "window": "minute",
          "max": 10,
          "scope": "grant"
        }
      ]
    }
  }
}

index_repair stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.

Create a free account and register Work Memory MCP Server — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

RATE-LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More Work Memory MCP Server tools

Destructive delete_work_memory 종합 데이터 삭제 도구 - 작업기억, 세션, 히스토리, 검색인덱스 등 카테고리별 세분화된 삭제 지원. 단일/복수/조건부/전체 삭제 가능 Destructive session_manager 세션을 관리합니다. 활성 세션 설정/해제, 세션 삭제, 자동 링크 활성화/비활성화를 처리합니다. Execute optimize_database 데이터베이스를 최적화하고 인덱스 커버리지를 분석합니다. VACUUM, ANALYZE, 인덱스 최적화 포함 Execute optimize_search_index 검색 인덱스를 최적화합니다. 고아 키워드 제거, 유사 키워드 병합, 압축 등을 수행하여 검색 성능을 향상시킵니다. Write batch_operations 여러 메모리 작업을 효율적으로 일괄 처리합니다 Write add_work_memory 작업 내용을 SQLite 데이터베이스에 저장합니다. 할일 저장 시 context(배경정보)와 content(작업내용)가 필요합니다. Write restore_memory_version 이전 버전으로 메모리를 복구합니다. 전체/선택적/미리보기 모드 지원 Write update_work_memory 기존 메모리의 내용을 업데이트합니다. 할일 완료 시 content(작업요약)와 result_content(결과물)를 함께 업데이트하세요.

All 24 Work Memory MCP Server tools →

Execute tools on other servers

Android Forensics ADB MCP Server adb_shell_command EMBA-MCP run_emba_scan Frida Game Hacking MCP remove_breakpoint Procmon request_elevation

Go deeper

High-risk tools in Work Memory MCP Server → Every high-risk tool this server exposes, in one view.
All high-risk MCP tools → Every high-risk tool across the catalogue, and the policy pattern that contains them.
The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Agent sandbox → Bounding what an agent can execute and where the boundary should sit.
Least privilege for MCP → Granting agents the minimum tool surface the task needs.
Rate Limiting MCP Tool Calls: A Practical Guide →
MCP Security: Why Prompt Guardrails Aren't Enough →

FAQ

Questions about index_repair

What does the index_repair tool do? +

누락된 인덱스를 수동으로 복구하고 인덱싱 프로세스를 검증합니다. It is categorised as a Execute tool in the Work Memory MCP Server MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on index_repair? +

Register the Work Memory MCP Server MCP server in PolicyLayer and add a rule for index_repair: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Work Memory MCP Server. Nothing to install.

What risk level is index_repair? +

index_repair is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit index_repair? +

Yes. Add a rate_limit block to the index_repair rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block index_repair completely? +

Set action: deny in the PolicyLayer policy for index_repair. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides index_repair? +

index_repair is provided by the Work Memory MCP Server MCP server (moontmsai/work-memory-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Work Memory MCP Server tool call.

Start from Work Memory MCP Server, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →