Undo every active patch.
AI agents use restore_all_patches to create or update resources in GTAV-CLAUDE-MCP — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your GTAV-CLAUDE-MCP environment.
Restoring/undoing patches is a reversible state change (it reverts previously written patches back to their original state). This falls under Write since it modifies the game's patched state, but not destructively — it's actually a restoration action. The blast radius is medium because undoing all active patches at once could destabilize game state or remove important behavioral modifications unexpectedly.
From the tool's definition 'Undo every active patch' — reverses modifications that were previously applied
Risk signalsBulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Undo every active patch. It is categorised as a Write tool in the GTAV-CLAUDE-MCP MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the GTAV-CLAUDE- MCP server in PolicyLayer and add a rule for restore_all_patches: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches GTAV-CLAUDE-MCP. Nothing to install.
restore_all_patches is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the restore_all_patches rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for restore_all_patches. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
restore_all_patches is provided by the GTAV-CLAUDE- MCP server (tabbedscamper/gtav-claude-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →