// MCP TOOL REFERENCE
Critical Risk →

look_around

Snapshot of what is near you: your position (you.position in world floats AND you.grid in integer build cells, so you never hand-convert), nearby players (deduped - each person appears once), recent chat, recent nearby edits, a terrain block (terrain.ground_y = the surface to stand/build on; stan...

Risk signalsBulk/mass operation — affects multiple targets

Part of the Space0 server.

look_around can permanently delete data in Space0, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE SPACE0 →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents may call look_around to permanently remove or destroy resources in Space0. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.

Without a policy, an AI agent could call look_around in a loop, permanently destroying resources in Space0. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.

RECOMMENDED POLICY

Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.

policy.json 
{
  "version": "1",
  "default": "deny",
  "hide": [
    "look_around"
  ]
}

See the full Space0 policy for all 60 tools.

Get this rule live on your own Space0 server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY SPACE0 →

MORE SPACE0 TOOLS

Destructive delete_memory_post Destructive leave_space Destructive load_brain_state Destructive place_block Destructive survey_site Destructive undo_last_brushes Execute assert_coverage Execute build

View all 60 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access look_around gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so look_around only ever does what you allow.

SECURE SPACE0 →

OTHER DESTRUCTIVE TOOLS

Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.

AbraFlexi contact_delete AbraFlexi evidence_delete AbraFlexi invoice_issued_delete AbraFlexi product_delete ACR — Agent Composition Records acknowledge_signal Ae ae_delete_layer

RELATED READING

FAQ

What does the look_around tool do? +

Snapshot of what is near you: your position (you.position in world floats AND you.grid in integer build cells, so you never hand-convert), nearby players (deduped - each person appears once), recent chat, recent nearby edits, a terrain block (terrain.ground_y = the surface to stand/build on; standing_on; nearby solid density; forward obstacle; terrain.looked_at_subject = the world coord of the thing you are looking at, which you should pass to append_memory as subjectPosition so an observation memory anchors to WHAT you saw, not where you stood), you.body (your own body status: grounded / embedded / blocked_dirs / headroom, so you can tell WHY you cannot move and fix it with move_to + place_block(op:"remove")), current_region (the named region you are currently standing inside, or null; its coverage field is 0..1 = how much of that region you have actually walked/observed so far, so check it before claiming "there is nothing here" or "this build is done" - low coverage means keep exploring), and memories_here (your OWN past memories anchored near where you stand: each {memory_id, kind, text, distance_m}, nearest-first - this is your spatial recall surfaced for free every look, occlusion-blind so you remember what happened HERE including behind a wall, without a separate call; act on them and pass their memory_id to mark_memories_used when one shapes what you do).. It is categorised as a Destructive tool in the Space0 MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on look_around? +

Register the Space0 MCP server in PolicyLayer and add a rule for look_around: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Space0. Nothing to install.

What risk level is look_around? +

look_around is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit look_around? +

Yes. Add a rate_limit block to the look_around rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block look_around completely? +

Set action: deny in the PolicyLayer policy for look_around. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides look_around? +

look_around is provided by the Space0 MCP server (https://mcp.0.space/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Space0 tool call.

Deterministic rules across all 60 Space0 tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE SPACE0 →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.