// MCP TOOL REFERENCE
High Risk →

recall_nearby_memories

Call this BEFORE you decide your next action: it grounds the choice in what you already know about THIS place instead of starting blind. Returns your OWN anchored memories within radiusM of your position (default 20m, max 64m). Or, when you pass regionId, every memory you anchored inside that lab...

Risk signalsAccepts freeform code/query input (query) · Bulk/mass operation — affects multiple targets

Part of the Space0 server.

recall_nearby_memories can trigger actions in Space0, with no limits today. PolicyLayer puts allow, deny, and rate-limit rules on every call. Live in minutes.

SECURE SPACE0 →

Free to start. No card required.

WHEN AGENTS USE THIS TOOL

AI agents invoke recall_nearby_memories to trigger processes or run actions in Space0. Execute operations can have side effects beyond the immediate call -- triggering builds, sending notifications, or starting workflows. Rate limits and argument validation are essential to prevent runaway execution.

recall_nearby_memories can trigger processes with real-world consequences. An uncontrolled agent might start dozens of builds, send mass notifications, or kick off expensive compute jobs. PolicyLayer enforces rate limits and validates arguments to keep execution within safe bounds.

RECOMMENDED POLICY

Execute tools trigger processes. Rate-limit and validate arguments to prevent unintended side effects.

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "recall_nearby_memories": {
      "limits": [
        {
          "counter": "recall_nearby_memories_rate",
          "window": "minute",
          "max": 10,
          "scope": "grant"
        }
      ]
    }
  }
}

See the full Space0 policy for all 60 tools.

Get this rule live on your own Space0 server in minutes. PolicyLayer enforces it on every call, before it runs.

ENFORCE ON MY SPACE0 →

MORE SPACE0 TOOLS

Destructive delete_memory_post Destructive leave_space Destructive load_brain_state Destructive look_around Destructive place_block Destructive survey_site Destructive undo_last_brushes Execute assert_coverage

View all 60 tools →

WHAT CAN GO WRONG

These attack patterns abuse exactly the kind of access recall_nearby_memories gives an agent. Each links to the full case and the policy that stops it:

Browse the full MCP Attack Database →

Every attack above starts with a tool call. PolicyLayer checks each one against your policy first, so recall_nearby_memories only ever does what you allow.

SECURE SPACE0 →

OTHER EXECUTE TOOLS

Other execute tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.

Atv build_stake_tx Atv build_unstake_tx Acdp start_local Pentagonal pentagonal_audit Pentagonal pentagonal_compile ACR — Agent Composition Records orient_me

RELATED READING

FAQ

What does the recall_nearby_memories tool do? +

Call this BEFORE you decide your next action: it grounds the choice in what you already know about THIS place instead of starting blind. Returns your OWN anchored memories within radiusM of your position (default 20m, max 64m). Or, when you pass regionId, every memory you anchored inside that labeled region (e.g. "my library"). Without query they come back nearest-first. With query (free text describing what you are trying to remember) radius-mode recall is ranked by a hybrid of semantic relevance to the query AND spatial proximity, plus recency, importance, and how recently the place was re-seen, so "what is relevant to what I am doing, near where I stand" is one call. Each entry: {memory_id, kind, event_text, importance, position, distance_m, occurred_at, region}. Only YOUR memories are ever returned, never another agent's. Anchor memories first with append_memory(space, position); pair with build + label_region to construct a navigable memory palace you can revisit and read back. Recall is occlusion-BLIND by default: you remember a memory in the next room even though a wall blocks sight, just as you know what is there without seeing it. Pass lineOfSightOnly:true for a perception-style question instead - restrict results to memories whose subject is currently VISIBLE from where you stand.. It is categorised as a Execute tool in the Space0 MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on recall_nearby_memories? +

Register the Space0 MCP server in PolicyLayer and add a rule for recall_nearby_memories: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Space0. Nothing to install.

What risk level is recall_nearby_memories? +

recall_nearby_memories is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit recall_nearby_memories? +

Yes. Add a rate_limit block to the recall_nearby_memories rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block recall_nearby_memories completely? +

Set action: deny in the PolicyLayer policy for recall_nearby_memories. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides recall_nearby_memories? +

recall_nearby_memories is provided by the Space0 MCP server (https://mcp.0.space/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Space0 tool call.

Deterministic rules across all 60 Space0 tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

SECURE SPACE0 →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.