Save complete conversations as living documents. REQUIRED: Send COMPLETE conversation in 'conversationContent' parameter (minimum 100 chars, should be thousands). Include EVERY message verbatim - NO summaries or partial content. Intelligently tracks context, extracts project details, and mai...
Part of the Pūrmemo MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.
AI agents use save_conversation to create or modify resources in Pūrmemo. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call save_conversation repeatedly, creating or modifying resources faster than any human could review. Intercept's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Pūrmemo.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
tools:
save_conversation:
rules:
- action: allow
rate_limit:
max: 30
window: 60See the full Pūrmemo policy for all 11 tools.
Agents calling write-class tools like save_conversation have been implicated in these attack patterns. Read the full case and prevention policy for each:
Other tools in the Write risk category across the catalogue. The same policy patterns (rate-limit, validate) apply to each.
Save complete conversations as living documents. REQUIRED: Send COMPLETE conversation in 'conversationContent' parameter (minimum 100 chars, should be thousands). Include EVERY message verbatim - NO summaries or partial content. Intelligently tracks context, extracts project details, and maintains a single memory per conversation topic. LIVING DOCUMENT + INTELLIGENT PROJECT TRACKING: - Each conversation becomes a living document that grows over time - Automatically extracts project context (name, component, feature being discussed) - Detects work iteration and status (planning/in_progress/completed/blocked) - Generates smart titles like "Purmemo - Timeline View - Implementation" (no more timestamp titles!) - Tracks technologies, tools used, and identifies relationships/dependencies - Works like Chrome extension: intelligent memory that grows with each save How memory updating works: - Conversation ID auto-generated from title (e.g., "MCP Tools" → "mcp-tools") - Same title → UPDATES existing memory (not create duplicate) - "Save progress" → Updates most recent memory for current project context - Explicit conversationId → Always updates that specific memory - Example: Saving "Project X Planning" three times = ONE memory updated three times - To force new memory: Change title or use different conversationId SERVER AUTO-CHUNKING: - Large conversations (>15K chars) automatically split into linked chunks - Small conversations (<15K chars) saved directly as single memory - You always send complete content - server handles chunking intelligently - All chunks linked together for seamless retrieval EXAMPLES: User: "Save progress" (working on Purmemo timeline feature) → System auto-generates: "Purmemo - Timeline View - Implementation" → Updates existing memory if this title was used before User: "Save this conversation" (discussing React hooks implementation) → System auto-generates: "Frontend - React Hooks - Implementation" User: "Save as conversation react-hooks-guide" → You call save_conversation with conversationId="react-hooks-guide" → Creates or updates memory with this specific ID WHAT TO INCLUDE (COMPLETE CONVERSATION REQUIRED): - EVERY user message (verbatim, not paraphrased) - EVERY assistant response (complete, not summarized) - ALL code blocks with full syntax - ALL artifacts with complete content (not just titles/descriptions) - ALL file paths, URLs, and references mentioned - ALL system messages and tool outputs - EXACT conversation flow and context - Minimum 500 characters expected - should be THOUSANDS of characters FORMAT REQUIRED: === CONVERSATION START === [timestamp] USER: [complete user message 1] [timestamp] ASSISTANT: [complete assistant response 1] [timestamp] USER: [complete user message 2] [timestamp] ASSISTANT: [complete assistant response 2] ... [continue for ALL exchanges] === ARTIFACTS === [Include ALL artifacts with full content] === CODE BLOCKS === [Include ALL code with syntax highlighting] === END === IMPORTANT: Do NOT send just "save this conversation" or summaries. If you send less than 500 chars, you're doing it wrong. Include the COMPLETE conversation with all details.. It is categorised as a Write tool in the Pūrmemo MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Add a rule in your Intercept YAML policy under the tools section for save_conversation. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Pūrmemo MCP server.
save_conversation is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the save_conversation rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the Intercept policy for save_conversation. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
save_conversation is provided by the Pūrmemo MCP server (purmemo/purmemo-mcp). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept