MCP Tool
nova.guarded_send_message
For risk-bounded actions with visible user control, an agent uses this public tool to check the state or evidence for "Guarded Send". It explains which current signal can be used as evidence and when a follow-up step needs a fresh target check.
Canonical reference for a public MCP tool name.
- Type
- MCP tool
- Family
- Guarded Actions (High Impact)
- Effect
- read-only
- Status
- Explained
- Path
- 6.1
Purpose
What this entry explains
What it does
nova.guarded_send_message
An agent uses this tool to check the state or evidence for "Guarded Send". It belongs to risk-bounded actions with visible user control; agents should combine it with current discovery, target awareness, and the visible result.
Use when
- Use this entry when an agent needs to check the state or evidence for "Guarded Send" for risk-bounded actions with visible user control.
- Use it to understand the public tool name, its expected boundary, and the response signals to check.
- Use it before chaining follow-up tools so the next step is based on current evidence.
Reference Use
How agents should cite and apply this area
Examples are maintained at family level and use only public tool names or reference paths already present in the catalog.
Family example
A task in risk-bounded actions with visible user control can trigger powerful execution and therefore needs target, approval, and result check before the step.
The agent starts with nova.guarded_send_message, reads the current response or reference, and only then chooses the concrete next tool.
Current discovery, target, user control, warning signals, and result check come before execution.Contract
Inputs and important response fields
This page is a public reference. Agents and integrators should still read current MCP tool discovery before execution, because schemas can be gated by settings or version.
Inputs
No stable public input field is derived from the catalog source for this path. Read current MCP discovery before execution.
Response fields
No fixed public response field is derived from the catalog source for this path. Use current tool discovery and the actual response before chaining the next step.
Safety
Boundary before execution
Reads current state or evidence. It should not be treated as permission to act without a fresh next-step check.
Use the response as current evidence, then choose a more specific next tool only after target, scope, and freshness are clear.
For humans, this entry explains what an agent reads in risk-bounded actions with visible user control and which current signal should be checked before trusting the result.
High-Impact Review
Execution boundary and recheck hints
Review category: Auto-apply/mutating flows
Mutating steps may run only with confirmed target, expected effect, user control, and result check.
False assumption: a guard or auto-apply signal replaces current target and result checks.
The user must be able to review action, target, approval, block signal, and visible result.
Execute only the intended step, then verify state and stop on warning, block, or target change.
Recheck if candidate budget, gate, visible state, or expected effect do not line up.
Safety Axes
How this path can affect work
Axes are stable catalog signals for humans, agents, and LLM discovery. One path can carry several axes.
read_current_state
Reads current state, response signals, or evidence without treating that alone as permission for a follow-up action.
Use the signal as current evidence and re-check target, scope, and visible state before any follow-up action.high_impact_execution
Runs or prepares JavaScript, CDP, plugin code, auto-apply, or other powerful execution paths.
Explicitly confirm current tool discovery, target, scope, user control, and result check before execution.user_confirmation
Requires visible confirmation, target review, approval, or deliberate user control.
Do not proceed until the required confirmation is visible or unambiguous in the current context.