// MCP TOOL REFERENCE
Low Risk

state_machine_function

Tool for invoking a specific AWS Step Functions state machine with parameters.

Single-target operation

Part of the AWS Step Functions Tool MCP Server MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.

awslabs.stepfunctions-tool-mcp-server Other
// WHEN AI AGENTS USE THIS TOOL

AI agents call state_machine_function to perform operations in AWS Step Functions Tool MCP Server. While the risk category is not fully classified, applying a rate limit gives you visibility into how often the tool is called and prevents unexpected bursts of activity from autonomous agents.

// WHY ENFORCE A POLICY ON STATE_MACHINE_FUNCTION

Applying a policy to state_machine_function gives you an audit trail of every call an AI agent makes. Even for low-risk tools, visibility into agent behaviour helps you debug issues, optimise workflows, and maintain compliance with your organisation's security requirements.

// RECOMMENDED POLICY

Apply a rate limit to control usage and monitor for unexpected behaviour.

aws-step-functions-tool-mcp-server.yaml 
tools:
  state_machine_function:
    rules:
      - action: allow
        rate_limit:
          max: 60
          window: 60

See the full AWS Step Functions Tool MCP Server policy for all 1 tools.

// DETAILS
Tool Name state_machine_function
Category Other
MCP Server AWS Step Functions Tool MCP Server MCP Server
Risk Level Low
// WHAT CAN GO WRONG

Agents calling other-class tools like state_machine_function have been implicated in these attack patterns. Read the full case and prevention policy for each:

Browse the full MCP Attack Database →

// OTHER OTHER TOOLS ACROSS MCP SERVERS

Other tools in the Other risk category across the catalogue. The same policy patterns (rate-limit, validate) apply to each.

Adjust Reporting Server adjust-reporting Clear Thought Server collaborativereasoning Clear Thought Server decisionframework Clear Thought Server designpattern Clear Thought Server mentalmodel Clear Thought Server metacognitivemonitoring
// RELATED READING
// FAQ
What does the state_machine_function tool do? +

Tool for invoking a specific AWS Step Functions state machine with parameters.. It is categorised as a Other tool in the AWS Step Functions Tool MCP Server MCP Server, which means it performs auxiliary operations.

How do I enforce a policy on state_machine_function? +

Add a rule in your Intercept YAML policy under the tools section for state_machine_function. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the AWS Step Functions Tool MCP Server MCP server.

What risk level is state_machine_function? +

state_machine_function is a Other tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit state_machine_function? +

Yes. Add a rate_limit block to the state_machine_function rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block state_machine_function completely? +

Set action: deny in the Intercept policy for state_machine_function. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides state_machine_function? +

state_machine_function is provided by the AWS Step Functions Tool MCP Server MCP server (awslabs.stepfunctions-tool-mcp-server). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.