Chat with a Camber agent with the specified tag and message. Returns: The agent's reply text. The run may reference output files in Camber Stash (stash://... paths). Those files live in the cloud until the user copies them locally. After the call — sync stash outputs (user's terminal, Camber CLI)...
Part of the Camber - Remote Agentic Data Science server.
Free to start. No card required.
AI agents invoke agents_chat to trigger processes or run actions in Camber - Remote Agentic Data Science. Execute operations can have side effects beyond the immediate call -- triggering builds, sending notifications, or starting workflows. Rate limits and argument validation are essential to prevent runaway execution.
agents_chat can trigger processes with real-world consequences. An uncontrolled agent might start dozens of builds, send mass notifications, or kick off expensive compute jobs. PolicyLayer enforces rate limits and validates arguments to keep execution within safe bounds.
Execute tools trigger processes. Rate-limit and validate arguments to prevent unintended side effects.
{
"version": "1",
"default": "deny",
"tools": {
"agents_chat": {
"limits": [
{
"counter": "agents_chat_rate",
"window": "minute",
"max": 10,
"scope": "grant"
}
]
}
}
}See the full Camber - Remote Agentic Data Science policy for all 5 tools.
These attack patterns abuse exactly the kind of access agents_chat gives an agent. Each links to the full case and the policy that stops it:
Other execute tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Chat with a Camber agent with the specified tag and message. Returns: The agent's reply text. The run may reference output files in Camber Stash (stash://... paths). Those files live in the cloud until the user copies them locally. After the call — sync stash outputs (user's terminal, Camber CLI): 1. Note every stash://user/... path the agent produced or mentioned. 2. Download to the user's machine, e.g. camber stash cp stash://<user>/<path/to/file> ./<local_filename> (use a directory path for ./ if copying a folder; see camber stash cp --help). 3. To browse first: camber stash ls stash://<user>/... 4. Confirm with the user where files were saved. Docs: https://docs.cambercloud.com/docs/stash/ and https://docs.cambercloud.com/docs/camber-cli/stash. It is categorised as a Execute tool in the Camber - Remote Agentic Data Science MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Camber - Remote Agentic Data Science MCP server in PolicyLayer and add a rule for agents_chat: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Camber - Remote Agentic Data Science. Nothing to install.
agents_chat is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the agents_chat rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for agents_chat. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
agents_chat is provided by the Camber - Remote Agentic Data Science MCP server (https://camber-mcp.cambercloud.com/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 5 Camber - Remote Agentic Data Science tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.