drive_drives_delete
Permanently delete a shared drive. Cannot be undone
Part of the Google Workspace Drive (gws CLI) MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.
WHEN AI AGENTS USE THIS TOOL
AI agents may call drive_drives_delete to permanently remove or destroy resources in Google Workspace Drive (gws CLI). Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. Intercept blocks destructive tools by default and requires explicit human approval before enabling them.
WHY ENFORCE A POLICY ON DRIVE_DRIVES_DELETE
Without a policy, an AI agent could call drive_drives_delete in a loop, permanently destroying resources in Google Workspace Drive (gws CLI). There is no undo for destructive operations. Intercept blocks this tool by default and only allows it when a human explicitly approves the action.
RECOMMENDED POLICY
Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.
tools:
drive_drives_delete:
rules:
- action: deny
reason: "Blocked by default — enable with approval"See the full Google Workspace Drive (gws CLI) policy for all 57 tools.
DETAILS
Tool Name
drive_drives_delete
Category
Destructive
MCP Server
Google Workspace Drive (gws CLI)Risk Level
Critical
MORE GOOGLE WORKSPACE DRIVE (GWS CLI) TOOLS
drive_comments_delete Destructive drive_files_delete Destructive drive_files_emptyTrash Destructive drive_permissions_delete Destructive drive_replies_delete Destructive drive_revisions_delete Destructive drive_teamdrives_delete Destructive drive_about_get Read SIMILAR DESTRUCTIVE TOOLS ON OTHER SERVERS
delete_record Airtable delete_session Appium appium_uninstallApp Appium deleteCompassComponent Atlassian Rovo deleteConfluencePage Atlassian Rovo delete_resource AWS RELATED READING
FREQUENTLY ASKED QUESTIONS
What does the drive_drives_delete tool do?
Permanently delete a shared drive. Cannot be undone. It is categorised as a Destructive tool in the Google Workspace Drive (gws CLI), which means it can permanently delete or destroy data. Block by default and require explicit approval.
How do I enforce a policy on drive_drives_delete?
Add a rule in your Intercept YAML policy under the tools section for drive_drives_delete. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Google Workspace Drive (gws CLI) MCP server.
What risk level is drive_drives_delete?
drive_drives_delete is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Can I rate-limit drive_drives_delete?
Yes. Add a rate_limit block to the drive_drives_delete rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
How do I block drive_drives_delete completely?
Set action: deny in the Intercept policy for drive_drives_delete. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
What MCP server provides drive_drives_delete?
drive_drives_delete is provided by the Google Workspace Drive (gws CLI) MCP server (gws mcp -s drive). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.
ENFORCE POLICIES ON GOOGLE WORKSPACE DRIVE (GWS CLI)
Open source. One binary. Zero dependencies.