add_file

ServerA-MEM: Agentic Memory System
CategoryWrite

WHAT IT DOES

What add_file does on A-MEM: Agentic Memory System

AI agents use add_file to create or update resources in A-MEM: Agentic Memory System — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your A-MEM: Agentic Memory System environment.

THE RISK

Medium Risk

Why add_file needs a policy

This tool creates new notes in the memory system by importing file content. While reversible (notes can be deleted via delete_atomic_note), it modifies the agent's persistent knowledge graph. Severity is medium rather than high because the blast radius is confined to the agent's internal memory—no external systems, financial transactions, or irreversible data destruction are involved.

From the tool's definition Tool description states 'Stores the content of a file...as a note in the memory system.' The verb 'stores' and the action of persisting file content into the memory graph indicates data creation/modification.

Documented attack patterns abuse exactly the kind of access add_file gives an agent:

POLICY

How to control add_file

PolicyLayer is an MCP gateway — it sits between your AI agents and A-MEM: Agentic Memory System, and nothing reaches the server without passing your rules. This is the rule we recommend for add_file:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "add_file": {
      "limits": [
        {
          "counter": "add_file_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

add_file stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

Create a free account and register A-MEM: Agentic Memory System — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More A-MEM: Agentic Memory System tools

Destructive delete_atomic_note Deletes a note from the memory system. Removes the note from Graph and Vector Store as wel Destructive remove_relation Removes a relation between two notes. Destructive reset_memory Resets the complete memory system (Graph + Vector Store). Deletes all notes, edges, and em Execute run_memory_enzymes Runs comprehensive memory maintenance enzymes: repairs corrupted nodes, prunes old/weak li Execute research_and_store Performs deep web research on a query and stores the findings as atomic notes. Uses Google Write add_relation Adds a manual relation between two notes. Write create_atomic_note Stores a new piece of information in the memory system. Automatically classifies the note Write update_note Updates contextual summary, tags or keywords for an existing note.

All 15 A-MEM: Agentic Memory System tools →

Write tools on other servers

M-Team MCP Server download_torrent YouTube MCP Server generate_video_title Android Forensics ADB MCP Server combine_reports 0xarchive web3_signup

Go deeper

The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Argument validation → Checking tool call arguments against schema and policy before they run.
Scoped token → Per-person credentials that grant a defined subset of servers and tools.
Rate Limiting MCP Tool Calls: A Practical Guide →
MCP Security: Why Prompt Guardrails Aren't Enough →

FAQ

Questions about add_file

What does the add_file tool do? +

Stores the content of a file (e.g., .md) as a note in the memory system. Supports automatic chunking for large files (>16KB). Note: Requires an absolute path or the file must be in the server directory. It is categorised as a Write tool in the A-MEM: Agentic Memory System MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on add_file? +

Register the A-MEM: Agentic Memory System MCP server in PolicyLayer and add a rule for add_file: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches A-MEM: Agentic Memory System. Nothing to install.

What risk level is add_file? +

add_file is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit add_file? +

Yes. Add a rate_limit block to the add_file rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block add_file completely? +

Set action: deny in the PolicyLayer policy for add_file. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides add_file? +

add_file is provided by the A-MEM: Agentic Memory System MCP server (tobs-code/a-mem-mcp-server). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every A-MEM: Agentic Memory System tool call.

Start from A-MEM: Agentic Memory System, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

15 A-MEM: Agentic Memory System tools catalogued and risk-classified — across an index of 43,000+ MCP servers.