GIA MCP Server

load_memory_pack

Validates TTL, trust level, role access, context class, and hash integrity, then loads the governed memory pack into agent context.

Instructions

Load a Governed Memory Pack into agent context. Validates TTL, trust level, role access, context class, and hash integrity before loading.

Input Schema

TableJSON Schema

Name	Required	Description
`pack_id`	Yes	Memory pack ID to load
`agent_id`	Yes	Agent requesting the load
`run_id`	Yes	Current run/pipeline ID
`operator_role`	Yes	Role of the operator
`context_class`	No	Execution context class

Implementation Reference

src/mcp/tools/memory-packs.ts:469-553 (handler)

The `registerLoadMemoryPackTool` function registers the 'load_memory_pack' MCP tool handler. It validates pack existence, status (revoked/expired), TTL, role authorization, and context class before returning the pack content. It also updates usage counters, persists usage events, and emits telemetry.

export function registerLoadMemoryPackTool(server: McpServer, engine: GovernanceEngine): void {
  server.tool(
    'load_memory_pack',
    'Load a Governed Memory Pack into agent context. Validates TTL, trust level, role access, context class, and hash integrity before loading.',
    {
      pack_id: z.string().max(100).describe('Memory pack ID to load'),
      agent_id: z.string().max(100).describe('Agent requesting the load'),
      run_id: z.string().max(100).describe('Current run/pipeline ID'),
      operator_role: z.string().max(100).describe('Role of the operator'),
      context_class: z.enum(['PROD', 'STAGING', 'DEMO', 'EVAL_ONLY', 'TRAINING']).optional().describe('Execution context class'),
    },
    { title: 'Load Memory Pack', readOnlyHint: false, idempotentHint: false, destructiveHint: false, openWorldHint: false },
    async (input) => {
      try {
        await seedDefaults();
        const pack = gmpPacks.get(input.pack_id);
        if (!pack) {
          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Memory pack not found: ${input.pack_id}`, available: Array.from(gmpPacks.keys()) }) }], isError: true };
        }

        // Check status
        if (pack.status === 'REVOKED') {
          const promotedId = `${input.pack_id}-promoted`;
          const promotedExists = gmpPacks.has(promotedId);
          return { content: [{ type: 'text' as const, text: JSON.stringify({
            error: `Pack revoked: ${input.pack_id}`,
            hint: promotedExists
              ? `This pack was promoted to a higher trust level. Use pack_id: "${promotedId}" instead.`
              : 'This pack has been revoked and cannot be used. Re-seal a new pack with seal_memory_pack.',
            promotedPackId: promotedExists ? promotedId : undefined,
          }) }], isError: true };
        }
        // Check TTL
        if (new Date(pack.audit.expiresAt) < new Date()) {
          pack.status = 'EXPIRED';
          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Pack expired: ${input.pack_id}`, expiredAt: pack.audit.expiresAt }) }], isError: true };
        }
        // Check role
        if (pack.policy.allowedRoles.length > 0 && !pack.policy.allowedRoles.includes(input.operator_role)) {
          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Role '${input.operator_role}' not authorized`, allowedRoles: pack.policy.allowedRoles }) }], isError: true };
        }
        // Check context
        if (pack.policy.allowedContexts && pack.policy.allowedContexts.length > 0 && input.context_class) {
          if (!pack.policy.allowedContexts.includes(input.context_class)) {
            return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Context '${input.context_class}' not allowed`, allowedContexts: pack.policy.allowedContexts }) }], isError: true };
          }
        }

        // Update usage
        pack.audit.usageCount++;
        pack.audit.lastUsedBy = input.agent_id;
        pack.status = 'ACTIVE';
        persistPack(pack); // Write-through: usage + status update

        const loadEvent = { event: 'GMP_LOADED', memoryPackId: input.pack_id, agentId: input.agent_id, runId: input.run_id, hash: pack.hash, approvedBy: input.operator_role, timestamp: new Date().toISOString() };
        gmpUsageLog.push(loadEvent);
        persistUsageEvent(loadEvent);

        const canAutomate = ['SYSTEM', 'ORG'].includes(pack.trustLevel);

        // Telemetry: load success
        engine.telemetryService.emitToolCall('load_memory_pack', `load-${Date.now().toString(36)}`, 'ADVISORY', true);

        return { content: [{ type: 'text' as const, text: JSON.stringify({
          loaded: true,
          memoryPackId: pack.memoryPackId,
          trustLevel: pack.trustLevel,
          domain: pack.domain,
          scope: pack.scope,
          riskLevel: pack.riskLevel,
          advisoryOnly: !canAutomate,
          gateRequired: pack.policy.requiresGateForUse && pack.riskLevel === 'MANDATORY',
          content: pack.content,
          usageCount: pack.audit.usageCount,
          expiresAt: pack.audit.expiresAt,
        }, null, 2) }] };
      } catch (error) {
        // Telemetry: load failure
        engine.telemetryService.emitToolCall('load_memory_pack', `load-${Date.now().toString(36)}`, 'ADVISORY', false);

        return { content: [{ type: 'text' as const, text: JSON.stringify({ error: 'LOAD_FAILED', message: String(error) }) }], isError: true };
      }
    }
  );
}

src/mcp/tools/memory-packs.ts:473-479 (schema)

Zod schema for the 'load_memory_pack' tool input. Defines required parameters: pack_id (string max 100), agent_id (string max 100), run_id (string max 100), operator_role (string max 100), and optional context_class (PROD/STAGING/DEMO/EVAL_ONLY/TRAINING).

{
  pack_id: z.string().max(100).describe('Memory pack ID to load'),
  agent_id: z.string().max(100).describe('Agent requesting the load'),
  run_id: z.string().max(100).describe('Current run/pipeline ID'),
  operator_role: z.string().max(100).describe('Role of the operator'),
  context_class: z.enum(['PROD', 'STAGING', 'DEMO', 'EVAL_ONLY', 'TRAINING']).optional().describe('Execution context class'),
},

src/mcp/tools/memory-packs.ts:1008-1015 (registration)

The `registerMemoryPackTools` function calls all 6 GMP tool registrations including `registerLoadMemoryPackTool`. This is called from the MCP server registration.

export function registerMemoryPackTools(server: McpServer, engine: GovernanceEngine): void {
  registerSealMemoryPackTool(server, engine);
  registerLoadMemoryPackTool(server, engine);
  registerTransferMemoryPackTool(server, engine);
  registerComposeMemoryPacksTool(server, engine);
  registerDistillMemoryPackTool(server, engine);
  registerPromoteMemoryPackTool(server, engine);
}

src/mcp/server.ts:106-106 (registration)
The `registerMemoryPackTools` is registered as a 'tenant' tier tool at the MCP server level, which includes load_memory_pack.
```
{ tier: 'tenant', register: registerMemoryPackTools, description: 'memory_packs (seal, load, transfer, compose, distill, promote)' },
```

src/mcp/tools/memory-packs.ts:31-65 (helper)

The `GMPPack` interface defines the structure of a Governed Memory Pack, including the content fields (principles, sop, heuristics, antiPatterns) that load_memory_pack returns to the agent context.

interface GMPPack {
  memoryPackId: string;
  version: string;
  type: string;
  trustLevel: string;
  domain: string;
  scope: string[];
  riskLevel: string;
  ttlHours: number;
  createdBy: string;
  signedBy: string;
  hash: string;
  status: string;
  policy: {
    readOnly: boolean;
    writeBackAllowed: boolean;
    exportAllowed: boolean;
    requiresGateForUse: boolean;
    allowedRoles: string[];
    allowedContexts?: string[];
  };
  content: {
    principles: string[];
    sop: string[];
    heuristics: string[];
    antiPatterns: string[];
  };
  audit: {
    createdAt: string;
    lastReviewed: string;
    expiresAt: string;
    usageCount: number;
    lastUsedBy?: string;
  };
}

Tool Definition Quality

B3.3/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations are minimal (readOnlyHint=false, destructiveHint=false). The description adds that validations occur before loading, providing some behavioral context. However, it does not explain side effects (e.g., modifying agent context) or error handling on validation failure. No contradiction with annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, front-loaded with purpose, followed by validation details. No wasted words. Perfectly concise for the complexity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The tool has 5 parameters and no output schema. The description covers purpose and validations but omits return value, error behavior, or usage context given many sibling tools. Adequate but not fully complete for an agent unfamiliar with the domain.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100% with clear descriptions for each parameter. The description's mention of validating role access and context class aligns with operator_role and context_class, but does not add significant new detail beyond schema. Baseline 3 is appropriate given high coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb 'load' and the resource 'Governed Memory Pack' into agent context. It also mentions validations, adding specificity. However, it does not explicitly differentiate from sibling tools like compose or promote, but the verb itself provides distinction.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance on when to use this tool versus alternatives such as compose_memory_packs or promote_memory_pack. The description implies usage when needing to load a pack, but lacks when-not-to-use or prerequisite conditions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/knowledgepa3/gia-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server