save_script_source

Saves the full source code of a JavaScript script to a local file. PREFERRED over get_script_source whenever you need the whole file or want to search/read a minified script. This tool auto-formats (beautifies) minified .js/.mjs/.ts output via prettier so the saved file is human-readable. Use thi...

Server JS Reverse MCP zhizhuodemao/js-reverse-mcp
Category Write
Risk class Medium
Parameters 00 required

What save_script_source does on JS Reverse MCP

AI agents use save_script_source to create or update resources in JS Reverse MCP — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your JS Reverse MCP environment.

Why save_script_source needs a policy

This tool writes data to the local filesystem by saving script source code to a file. It creates or overwrites a local file, which is a Write operation. It is not purely Read (it has filesystem side effects), not Execute (it doesn't run code), and not Destructive (it creates/overwrites a file reversibly).

From the tool's definition 'Saves the full source code of a JavaScript script to a local file' and 'auto-formats (beautifies) minified .js/.mjs/.ts output via prettier so the saved file is human-readable'

Questions about save_script_source

What does the save_script_source tool do? +

Saves the full source code of a JavaScript script to a local file. PREFERRED over get_script_source whenever you need the whole file or want to search/read a minified script. This tool auto-formats (beautifies) minified .js/.mjs/.ts output via prettier so the saved file is human-readable. Use this for any non-trivial source inspection; only fall back to get_script_source for tiny known regions (e.g. ±20 lines around a breakpoint). Typical workflow: call save_script_source, then inspect the saved local file with your available file-reading or search tools. NOTE: because the saved file may be beautified, its line numbers may not match the original script. If you later need to set a breakpoint, use the original URL/scriptId with set_breakpoint_on_text rather than line numbers from the saved file. It is categorised as a Write tool in the JS Reverse MCP MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on save_script_source? +

Register the JS Reverse MCP server in PolicyLayer and add a rule for save_script_source: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches JS Reverse MCP. Nothing to install.

What risk level is save_script_source? +

save_script_source is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit save_script_source? +

Yes. Add a rate_limit block to the save_script_source rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block save_script_source completely? +

Set action: deny in the PolicyLayer policy for save_script_source. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides save_script_source? +

save_script_source is provided by the JS Reverse MCP server (zhizhuodemao/js-reverse-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.