MCP Tool
nova.scripting
For embedded agent runtimes and runtime communication, an agent uses this public tool to handle the sensitive path "Dynamic Content Scripts". It keeps purpose, scope, user control, and sensitive data handling explicit.
Canonical reference for a public MCP tool name.
- Type
- MCP tool
- Family
- Plugin Runtime APIs (Agent-side)
- Effect
- sensitive
- Status
- Explained
- Path
- 40.24
Purpose
What this entry explains
What it does
nova.scripting
An agent uses this tool to handle the sensitive path "Dynamic Content Scripts". It belongs to embedded agent runtimes and runtime communication; agents should combine it with current discovery, target awareness, and the visible result.
Use when
- Use this entry when an agent needs to handle the sensitive path "Dynamic Content Scripts" for embedded agent runtimes and runtime communication.
- Use it to understand the public tool name, its expected boundary, and the response signals to check.
- Use it before chaining follow-up tools so the next step is based on current evidence.
Reference Use
How agents should cite and apply this area
Examples are maintained at family level and use only public tool names or reference paths already present in the catalog.
Family example
A task in embedded agent runtimes and runtime communication can trigger powerful execution and therefore needs target, approval, and result check before the step.
The agent starts with nova.plugin_icons_list, reads the current response or reference, and only then chooses the concrete next tool.
Current discovery, target, user control, warning signals, and result check come before execution.Contract
Inputs and important response fields
This page is a public reference. Agents and integrators should still read current MCP tool discovery before execution, because schemas can be gated by settings or version.
Inputs
No stable public input field is derived from the catalog source for this path. Read current MCP discovery before execution.
| Response field | Explanation |
|---|---|
persistAcrossSessions | Runtime or communication signal for agent-facing integrations. It is not a normal human UI control. |
Safety
Boundary before execution
May touch sensitive data, permissions, credentials, identity, or external connection paths. Use only with explicit scope and visible user control.
Require explicit purpose and current context, avoid exposing secrets in prompts or logs, and stop when permission or identity state is unclear.
For humans, this entry marks the sensitive surface in embedded agent runtimes and runtime communication and keeps permission, credential, or external-connection handling explicit.
High-Impact Review
Execution boundary and recheck hints
Review category: Eval/CDP/diagnostics
Run only on the currently confirmed target; expression, expected result, and visible context must be clear before the call.
False assumption: because a script is intended to read, the path is automatically harmless.
The user must be able to see which page is targeted and why code, CDP, or diagnostics are being run.
Before execution, check current discovery, target, expression, and stop signal; do not derive additional scripts from the result.
Abort or recheck if the target changed, the expression touches third-party data, or the response contains warnings.
Safety Axes
How this path can affect work
Axes are stable catalog signals for humans, agents, and LLM discovery. One path can carry several axes.
sensitive_data
Touches cookies, storage, clipboard, credentials, tokens, user content, identity, or private data.
Use only with bounded purpose and visible user control; do not guess, log, or forward sensitive values.user_confirmation
Requires visible confirmation, target review, approval, or deliberate user control.
Do not proceed until the required confirmation is visible or unambiguous in the current context.