Materials: create, read, parameters, shading, textures, and graph authoring (expression nodes, connections). Actions: - read: Read material structure. Params: assetPath - list_parameters: List overridable parameters. Params: assetPath - set_parameter: Set parameter on MaterialInstance. Params: as...
Risk signalsHigh parameter count (55 properties) · Bulk/mass operation — affects multiple targets
Part of the Ue server.
Free to start. No card required.
AI agents may call material to permanently remove or destroy resources in Ue. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.
Without a policy, an AI agent could call material in a loop, permanently destroying resources in Ue. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.
Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.
{
"version": "1",
"default": "deny",
"hide": [
"material"
]
}See the full Ue policy for all 22 tools.
These attack patterns abuse exactly the kind of access material gives an agent. Each links to the full case and the policy that stops it:
Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.
Materials: create, read, parameters, shading, textures, and graph authoring (expression nodes, connections). Actions: - read: Read material structure. Params: assetPath - list_parameters: List overridable parameters. Params: assetPath - set_parameter: Set parameter on MaterialInstance. Params: assetPath, parameterName, parameterType, value - set_expression_value: Set value on expression node. Params: materialPath, expressionIndex, value - disconnect_property: Disconnect a material property input. Params: materialPath, property - create_instance: Create material instance. Params: parentPath, name?, packagePath? - create: Create material. Params: name, packagePath? - create_simple: Single-call simple material. Params: name, packagePath?, baseColor? ({r,g,b}), metallic?, specular?, roughness?, emissive?, usages?[] (e.g. InstancedStaticMeshes, Nanite, NiagaraSprites). Recompiles + saves in one shot (#225) - set_usage: Set EMaterialUsage flag(s) on a material. Params: assetPath, usage OR usages[], enabled? (default true). Recompiles + saves (#225) - set_shading_model: Set shading model. Params: assetPath, shadingModel - set_blend_mode: Set blend mode. Params: assetPath, blendMode - set_domain: Set material domain. Params: assetPath, materialDomain (Surface | DeferredDecal | LightFunction | Volume | PostProcess | UI | RuntimeVirtualTexture). Required for post-process / decal / UI authoring (#299/#356). - set_base_color: Set base color. Params: assetPath, color - connect_texture: Connect texture to property. Params: materialPath, texturePath, property - add_expression: Add expression node. Params: materialPath, expressionType, name?, parameterName?, group?, sortPriority?, defaultValue? (scalar number or {r,g,b,a} for vector params), value? (number for Constant, {r,g,b} for Constant3Vector, {x,y} for Constant2Vector), channels? ({r,g,b,a} bools for ComponentMask), positionX?, positionY? (#318) - connect_expressions: Wire two expressions. Params: materialPath, sourceExpression, sourceOutput?, targetExpression, targetInput? - connect_to_property: Wire expression to material output. Params: materialPath, expressionName, outputName?, property - list_expressions: List expression nodes. Params: materialPath - delete_expression: Remove expression. Params: materialPath, expressionName - list_expression_types: List available expression types - recompile: Recompile material. Pass recompileChildren=true to cascade to every MaterialInstanceConstant whose parent chain reaches this material (#421). Params: materialPath, recompileChildren? - duplicate: Duplicate material asset. Params: sourcePath, destinationPath - validate: Validate material graph — find orphans, broken refs. Params: assetPath - get_shader_stats: Shader compile stats, sampler+param counts. Params: assetPath - export_graph: Export material graph as JSON. Params: assetPath - import_graph: Rebuild graph from JSON. Params: assetPath, nodes, propertyConnections? - build_graph: Build graph from spec. Params: assetPath, nodes, propertyConnections? - render_preview: Render preview PNG. Params: assetPath, outputPath, width?, height? - begin_transaction: Begin undo transaction. Params: label? - end_transaction: End undo transaction. It is categorised as a Destructive tool in the Ue MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the Ue MCP server in PolicyLayer and add a rule for material: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Ue. Nothing to install.
material is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the material rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for material. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
material is provided by the Ue MCP server (ue-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 22 Ue tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.