Compare static analysis graph with runtime event data to find stores declared in the static graph but not observed in this runtime session, and stores seen at runtime but absent from the static graph (dynamic or unscanned). Use after running the app to verify instrumentation completeness. Example...
AI agents call nanostores_runtime_coverage to retrieve information from Nanostores MCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
projectRoot | string | — | Project root path (uses first configured root if omitted) |
Parameters from the server's own tool schema.
This tool performs analysis and comparison of existing data (static graphs vs runtime events) to report coverage gaps. It reads and queries information about store instrumentation without creating, modifying, deleting, or executing operations. The example parameters show simple configuration inputs. No side effects or state changes are triggered by this analysis tool.
From the tool's definition Tool compares static analysis graph with runtime event data to find discrepancies; it 'scan stores, monitor runtime events, and search docs' per server description.
Attacks that exploit this kind of access
Compare static analysis graph with runtime event data to find stores declared in the static graph but not observed in this runtime session, and stores seen at runtime but absent from the static graph (dynamic or unscanned). Use after running the app to verify instrumentation completeness. Example: {} or {projectRoot: "/path/to/project"}. It is categorised as a Read tool in the Nanostores MCP MCP Server, which means it retrieves data without modifying state.
nanostores_runtime_coverage accepts 1 parameter: projectRoot. The full parameter table on this page comes from the server's own tool schema.
Register the Nanostores MCP server in PolicyLayer and add a rule for nanostores_runtime_coverage: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Nanostores MCP. Nothing to install.
nanostores_runtime_coverage is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the nanostores_runtime_coverage rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for nanostores_runtime_coverage. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
nanostores_runtime_coverage is provided by the Nanostores MCP server (nanostores-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →