upsert_task_finding

Preview or apply an idempotent local finding upsert scoped by task and fingerprint.

Server Todos @hasna/todos
Category Write
Risk class Medium
Parameters 00 required

What upsert_task_finding does on Todos

AI agents use upsert_task_finding to create or update resources in Todos — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Todos environment.

Why upsert_task_finding needs a policy

The tool creates or modifies task findings, which is a Write category action. The 'idempotent' and 'local' qualifiers suggest the operation is reversible and scoped, reducing severity below high. Medium severity accounts for potential misuse creating or modifying many findings that could clutter or mislead task tracking, but without irreversible deletion or external side effects.

From the tool's definition Tool name contains 'upsert' which is a Write operation (create or update). Description states 'idempotent local finding upsert scoped by task and fingerprint' — upsert is explicitly a create-or-update operation that modifies data reversibly.

Questions about upsert_task_finding

What does the upsert_task_finding tool do? +

Preview or apply an idempotent local finding upsert scoped by task and fingerprint. It is categorised as a Write tool in the Todos MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on upsert_task_finding? +

Register the Todos MCP server in PolicyLayer and add a rule for upsert_task_finding: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Todos. Nothing to install.

What risk level is upsert_task_finding? +

upsert_task_finding is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit upsert_task_finding? +

Yes. Add a rate_limit block to the upsert_task_finding rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block upsert_task_finding completely? +

Set action: deny in the PolicyLayer policy for upsert_task_finding. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides upsert_task_finding? +

upsert_task_finding is provided by the Todos MCP server (@hasna/todos). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.