Rollback an applied proposal using its receipt timestamp.
AI agents call rollback_proposal to permanently remove resources in Mind Mem — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.
Rollback operations undo previously applied changes, which can be irreversible in terms of the overwritten or discarded state. In a memory governance system, rolling back an applied proposal could destroy memory entries, approvals, or audit trails that cannot be recovered. This qualifies as Destructive, with high severity given the blast radius of corrupting or erasing governed memory state for an AI agent.
From the tool's definition 'Rollback an applied proposal using its receipt timestamp' — rolling back an applied proposal irreversibly undoes committed memory changes, which is a destructive/non-recoverable reversal of state.
Attacks that exploit this kind of access
Rollback an applied proposal using its receipt timestamp. It is categorised as a Destructive tool in the Mind Mem MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the Mind Mem MCP server in PolicyLayer and add a rule for rollback_proposal: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mind Mem. Nothing to install.
rollback_proposal is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the rollback_proposal rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for rollback_proposal. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
rollback_proposal is provided by the Mind Mem MCP server (ovidiu-eremia/mind-mem). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →