Semantic search INSIDE a fetched record. Pass the text you already pulled (e.g. a SEC 10-K body, an article, a long tool result) plus a natural-language query; get back the top-N passages with character offsets and similarity scores. Use when the record is too big to cram into the prompt — search...
AI agents call search_within to retrieve information from Mcp Sefaria without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
text | string | Yes | The document text to search inside (max ~200K chars). |
limit | number | — | Max passages to return (1-20, default 5). |
query | string | Yes | Natural-language query — what passages do you want? E.g. "supply-chain risk", "fiscal year 2024 revenue", "drug interactions with warfarin". |
Parameters from the server's own tool schema.
search_within is a read-only tool that applies semantic search to text data that has already been retrieved. It extracts and ranks relevant passages but does not create, modify, delete, or execute any operations. The tool explicitly pairs with fetch operations ('fetched record', 'fetch with the gateway') and serves to optimize context by filtering results.
From the tool's definition Tool performs 'Semantic search INSIDE a fetched record' and returns 'top-N passages with character offsets and similarity scores.' No modification, deletion, or execution of external operations occurs—only retrieval and filtering of already-fetched text using…
Risk signalsAccepts freeform code/query input (query) · Bulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Semantic search INSIDE a fetched record. Pass the text you already pulled (e.g. a SEC 10-K body, an article, a long tool result) plus a natural-language query; get back the top-N passages with character offsets and similarity scores. Use when the record is too big to cram into the prompt — search_within saves context, returns only the passages that matter, and every passage carries an offset so the agent can verify a verbatim quote. Pairs with ask_pipeworx_grounded: fetch with the gateway, ground over the relevant passages instead of the whole document. BGE-base-en embeddings + cosine over 500-char overlapping windows; cap is 200K chars (longer inputs are truncated and flagged). It is categorised as a Read tool in the Mcp Sefaria MCP Server, which means it retrieves data without modifying state.
search_within accepts 3 parameters: text, limit, query. Required: text, query. The full parameter table on this page comes from the server's own tool schema.
Register the Mcp Sefaria MCP server in PolicyLayer and add a rule for search_within: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Sefaria. Nothing to install.
search_within is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the search_within rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for search_within. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
search_within is provided by the Mcp Sefaria MCP server (pipeworx-io/mcp-sefaria). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →