If your question is 'what recomputes downstream when X changes?', use nanostores_store_impact instead — it gives the ordered causal chain in one call. Use this tool only when you need both directions: upstream sources AND downstream dependents together. Returns the BFS neighborhood within a confi...
AI agents call nanostores_store_subgraph to retrieve information from Nanostores MCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | — | Store name. Used if storeId is not provided. |
radius | integer | — | BFS radius around the store (default 2) |
storeId | string | — | Exact store id. If provided, takes priority. |
projectRoot | string | — | Project root path (uses default if omitted) |
Parameters from the server's own tool schema.
This tool reads and returns structural graph data about store dependencies (upstream and downstream) in a Nanostores project. It performs analysis/querying only with no side effects, modifications, or destructive actions.
From the tool's definition Returns the BFS neighborhood within a configurable radius... upstream sources AND downstream dependents together
Attacks that exploit this kind of access
If your question is 'what recomputes downstream when X changes?', use nanostores_store_impact instead — it gives the ordered causal chain in one call. Use this tool only when you need both directions: upstream sources AND downstream dependents together. Returns the BFS neighborhood within a configurable radius (default 2). Start with radius=1; increase only when you need wider structural context. On highly connected hub stores (score>5 in project_outline) radius=2+ may return most of the project. Example: {name: "$cart", radius: 1} or {storeId: "store:src/stores.ts#$cart", radius: 2}. It is categorised as a Read tool in the Nanostores MCP MCP Server, which means it retrieves data without modifying state.
nanostores_store_subgraph accepts 4 parameters: name, radius, storeId, projectRoot. The full parameter table on this page comes from the server's own tool schema.
Register the Nanostores MCP server in PolicyLayer and add a rule for nanostores_store_subgraph: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Nanostores MCP. Nothing to install.
nanostores_store_subgraph is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the nanostores_store_subgraph rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for nanostores_store_subgraph. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
nanostores_store_subgraph is provided by the Nanostores MCP server (nanostores-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →