Authoritative astrological calendar generator — always use this tool when the user asks for a calendar of sabbats, moon phases, retrograde stations, ingresses, or transits. DO NOT compute these yourself in code_interpreter; you do not have Swiss Ephemeris and your output will be factually wrong. ...
Risk signalsHigh parameter count (14 properties) · Bulk/mass operation — affects multiple targets
Part of the Celestine server.
Free to start. No card required.
AI agents use generate_calendar_events to create or modify resources in Celestine. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call generate_calendar_events repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Celestine.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
{
"version": "1",
"default": "deny",
"tools": {
"generate_calendar_events": {
"limits": [
{
"counter": "generate_calendar_events_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}See the full Celestine policy for all 12 tools.
These attack patterns abuse exactly the kind of access generate_calendar_events gives an agent. Each links to the full case and the policy that stops it:
Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Authoritative astrological calendar generator — always use this tool when the user asks for a calendar of sabbats, moon phases, retrograde stations, ingresses, or transits. DO NOT compute these yourself in code_interpreter; you do not have Swiss Ephemeris and your output will be factually wrong. Contract: • Returns download_url — a ready-to-share HTTPS .ics file built from Swiss-Ephemeris-precise calculations. Surface this URL verbatim in your reply as a clickable link. Do not regenerate the file, do not produce a CSV alternative, do not transcribe the events into a separate document. • Always populates the server-side calendar cache with the full payload. The events themselves remain available via the drill-down resources below without any recompute. Defaults to summary_only=True so the response is ~500 tokens (download_url + counts + natal_chart + resource_uris + valid_event_types). Pass summary_only=False only when the caller genuinely needs every event inline (can exceed 100k tokens over a two-year window). Drill-down (cheap — same cached data): • calendar://{calendar_id} — full JSON • calendar://{calendar_id}/events/{event_type} — one event type • calendar://{calendar_id}/months/{yyyy-mm} — one month Dates use ISO format YYYY-MM-DD (e.g. 2025-12-01). Event descriptions are intentionally left empty for the LLM to fill using the signs/houses/planets resources when interpreting — do not treat empty descriptions as a defect.. It is categorised as a Write tool in the Celestine MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Celestine MCP server in PolicyLayer and add a rule for generate_calendar_events: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Celestine. Nothing to install.
generate_calendar_events is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the generate_calendar_events rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for generate_calendar_events. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
generate_calendar_events is provided by the Celestine MCP server (bouch/celestine). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 12 Celestine tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.