// MCP TOOL REFERENCE
Medium Risk

onui_bulk_update_annotation_metadata

Bulk update metadata for multiple annotations.

How to control onui_bulk_update_annotation_metadata ↓

WHAT ONUI_BULK_UPDATE_ANNOTATION_METADATA ON ONUI DOES

AI agents use onui_bulk_update_annotation_metadata to create or update resources in onUI — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your onUI environment.

THE RISK

Medium Risk

This tool creates or modifies annotation metadata in a reversible manner. It does not execute code, delete data irreversibly, or involve financial operations. The 'bulk' aspect increases severity to medium due to wider potential blast radius affecting multiple annotations at once, but it remains a Write operation since metadata updates are generally reversible.

From the tool's definition Tool name contains 'bulk_update' and description states 'Bulk update metadata for multiple annotations', indicating it modifies annotation data.

Documented attack patterns abuse exactly the kind of access onui_bulk_update_annotation_metadata gives an agent:

HOW TO CONTROL ONUI_BULK_UPDATE_ANNOTATION_METADATA

PolicyLayer is an MCP gateway — it sits between your AI agents and onUI, and nothing reaches the server without passing your rules. This is the rule we recommend for onui_bulk_update_annotation_metadata:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "onui_bulk_update_annotation_metadata": {
      "limits": [
        {
          "counter": "onui_bulk_update_annotation_metadata_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

onui_bulk_update_annotation_metadata stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

  1. Create a free account and register onUI — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

More onUI tools

Destructive onui_clear_page_annotations Delete all annotations for a specific page URL. Destructive onui_delete_annotation Delete a single annotation by id. Write onui_update_annotation_metadata Update metadata for a single annotation (status/intent/severity/comment). Read onui_get_annotations Get annotations for a specific page URL. Read onui_get_report Generate annotation report in compact/standard/detailed/forensic format. Read onui_list_pages List pages that have onUI annotations in the local store. Read onui_search_annotations Search annotations across the local store with optional filters.

All 8 onUI tools →

Write tools on other servers

Frida Game Hacking MCP resolve_symbol MegaMemory create_concept Pentest Ai close_engagement Firecrawl Web Scraping Server firecrawl_generate_llmstxt

Go deeper

FAQ

What does the onui_bulk_update_annotation_metadata tool do? +

Bulk update metadata for multiple annotations. It is categorised as a Write tool in the onUI MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on onui_bulk_update_annotation_metadata? +

Register the onUI MCP server in PolicyLayer and add a rule for onui_bulk_update_annotation_metadata: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches onUI. Nothing to install.

What risk level is onui_bulk_update_annotation_metadata? +

onui_bulk_update_annotation_metadata is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit onui_bulk_update_annotation_metadata? +

Yes. Add a rate_limit block to the onui_bulk_update_annotation_metadata rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block onui_bulk_update_annotation_metadata completely? +

Set action: deny in the PolicyLayer policy for onui_bulk_update_annotation_metadata. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides onui_bulk_update_annotation_metadata? +

onui_bulk_update_annotation_metadata is provided by the onUI MCP server (onllm-dev/onui). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every onUI tool call.

Deterministic rules across all 8 onUI tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN ONUI →

Free to start. No card required.

8 onUI tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.