// MCP TOOL REFERENCE
Medium Risk

core_memory

Manage the explicit Core Memory pin set (v3.4.65). - pin: mark a fact as always-injected - unpin: clear the pin - list: return currently pinned facts

How to control core_memory ↓

WHAT CORE_MEMORY ON QUALIXAR/SUPERLOCALMEMORY DOES

AI agents use core_memory to create or update resources in Qualixar/superlocalmemory — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Qualixar/superlocalmemory environment.

THE RISK

Medium Risk

The tool primarily writes/modifies persistent memory state by pinning or unpinning facts (marking them as always-injected). The 'list' sub-operation is read-only, but the dominant capability is write (modifying which facts are pinned). Unpinning could be considered mildly destructive but is reversible since the underlying fact is not deleted.

From the tool's definition 'Manage the explicit Core Memory pin set' with operations: 'pin: mark a fact as always-injected', 'unpin: clear the pin', 'list: return currently pinned facts'

Documented attack patterns abuse exactly the kind of access core_memory gives an agent:

HOW TO CONTROL CORE_MEMORY

PolicyLayer is an MCP gateway — it sits between your AI agents and Qualixar/superlocalmemory, and nothing reaches the server without passing your rules. This is the rule we recommend for core_memory:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "core_memory": {
      "limits": [
        {
          "counter": "core_memory_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

core_memory stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

  1. Create a free account and register Qualixar/superlocalmemory — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

More Qualixar/superlocalmemory tools

Execute build_code_graph build_code_graph Execute build_graph Rebuild knowledge graph edges for all facts in the active profile. Execute compact_memories Compact memory store by archiving cold/stale facts. Transitions eligible memories Execute consolidate_cognitive Run CCQ cognitive consolidation pipeline. Extracts patterns from cold/archive mem Execute quantize Run EAP quantization cycle. Maps Ebbinghaus retention scores to embedding precisi Execute reap_processes Find and kill orphaned SLM processes. Detects SLM embedding workers and other sub Execute run_maintenance Run all periodic maintenance tasks in a single call. Combines Langevin dynamics s Execute apply_refactor apply_refactor

All 59 Qualixar/superlocalmemory tools →

Write tools on other servers

Frida Game Hacking MCP resolve_symbol MegaMemory create_concept Pentest Ai close_engagement Firecrawl Web Scraping Server firecrawl_generate_llmstxt

Go deeper

FAQ

What does the core_memory tool do? +

Manage the explicit Core Memory pin set (v3.4.65). - pin: mark a fact as always-injected - unpin: clear the pin - list: return currently pinned facts. It is categorised as a Write tool in the Qualixar/superlocalmemory MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on core_memory? +

Register the Qualixar/superlocalmemory MCP server in PolicyLayer and add a rule for core_memory: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Qualixar/superlocalmemory. Nothing to install.

What risk level is core_memory? +

core_memory is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit core_memory? +

Yes. Add a rate_limit block to the core_memory rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block core_memory completely? +

Set action: deny in the PolicyLayer policy for core_memory. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides core_memory? +

core_memory is provided by the Qualixar/superlocalmemory MCP server (qualixar/superlocalmemory). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Qualixar/superlocalmemory tool call.

Deterministic rules across all 59 Qualixar/superlocalmemory tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN QUALIXAR/SUPERLOCALMEMORY →

Free to start. No card required.

59 Qualixar/superlocalmemory tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.