cross_project_share

Per-user-per-anchor-project share of results that came from OTHER projects in the same group. Detects noisy cross-project search.

Server Paparats @paparats/cli
Category Read
Risk class Low
Parameters 00 required

What cross_project_share does on Paparats

AI agents call cross_project_share to retrieve information from Paparats without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

Why cross_project_share needs a policy

This tool retrieves and analyzes search result metadata (cross-project contamination detection) without modifying, deleting, or executing anything. It serves a diagnostic/reporting function for code search quality. The most severe action is reading and comparing data across projects, which is a Read-category operation with minimal blast radius if misused.

From the tool's definition Tool description states it 'share of results' and 'detects' — indicating data retrieval and analysis only. No modification, deletion, or execution described.

Questions about cross_project_share

What does the cross_project_share tool do? +

Per-user-per-anchor-project share of results that came from OTHER projects in the same group. Detects noisy cross-project search. It is categorised as a Read tool in the Paparats MCP Server, which means it retrieves data without modifying state.

How do I enforce a policy on cross_project_share? +

Register the Paparats MCP server in PolicyLayer and add a rule for cross_project_share: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Paparats. Nothing to install.

What risk level is cross_project_share? +

cross_project_share is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit cross_project_share? +

Yes. Add a rate_limit block to the cross_project_share rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block cross_project_share completely? +

Set action: deny in the PolicyLayer policy for cross_project_share. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides cross_project_share? +

cross_project_share is provided by the Paparats MCP server (@paparats/cli). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.