Deregister (delete) a database server from NDB. This operation removes the dbserver and optionally its associated VM on the infrastructure. If the request does not specifically ask for the dbserver VM to be deleted, it will only remove the dbserver from NDB management. Parameters: - delete: If tr...
AI agents call delete_dbserver to permanently remove resources in NDB MCP Server — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.
This tool irreversibly deletes database infrastructure—the dbserver and potentially its associated VM. These are destructive operations that cannot be undone and represent the highest severity risk. The tool removes management of the database server and can delete the underlying infrastructure, making it Destructive rather than merely Execute.
From the tool's definition Tool description explicitly states it 'Deregister (delete) a database server from NDB' and 'removes the dbserver and optionally its associated VM on the infrastructure.' Parameters include 'delete' (deletes dbserver VM from cluster) and 'remove' (delete the…
Attacks that exploit this kind of access
Deregister (delete) a database server from NDB. This operation removes the dbserver and optionally its associated VM on the infrastructure. If the request does not specifically ask for the dbserver VM to be deleted, it will only remove the dbserver from NDB management. Parameters: - delete: If true, deletes the dbserver VM from the cluster. Technically, delete will always be set to true so that the DBServer is removed from NDB. - remove: If true, delete the dbserver VM from the infrastructure. Behavior: - Always sets softRemove to false (no soft removal). - Always sets deleteVgs and deleteVmSnapshots to true. API: DELETE /dbservers/{dbserverId}. It is categorised as a Destructive tool in the NDB MCP Server MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the NDB MCP Server MCP server in PolicyLayer and add a rule for delete_dbserver: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches NDB MCP Server. Nothing to install.
delete_dbserver is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the delete_dbserver rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for delete_dbserver. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
delete_dbserver is provided by the NDB MCP Server MCP server (rouxton/ndb-mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →