Low Risk

image_understand

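Image understanding tool: - When to call: whenever the user mentions a need such as "look at the image, look at the screenshot, take a look at this picture/interface/page/error/architecture/layout/component structure/page structure", or an image attachment appears in the conversation and the user asks a question related to its content (including UI/front-end interface structure, code screenshots, log/error screenshots, document screenshots, forms, tables, etc.), this tool should be called first rather than relying on text reasoning alone. - Image sources: 1) when the user pastes an image, call the tool directly without manually specifying a path 2) specify a local image path, such as ./screenshot.png 3) specify an image URL, such as https://example.com/image.png. - Prompt conventions: - **Do not** construct a long... on your own before calling this tool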

Part of the Luma Events MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.

luma-mcp Other

AI agents call image_understand to perform operations in Luma Events. While the risk category is not fully classified, applying a rate limit gives you visibility into how often the tool is called and prevents unexpected bursts of activity from autonomous agents.

Applying a policy to image_understand gives you an audit trail of every call an AI agent makes. Even for low-risk tools, visibility into agent behaviour helps you debug issues, optimise workflows, and maintain compliance with your organisation's security requirements.

Apply a rate limit to control usage and monitor for unexpected behaviour.

luma-events.yaml
tools:
  image_understand:
    rules:
      - action: allow
        rate_limit:
          max: 60
          window: 60

See the full Luma Events policy, which covers its 1 tool.

Tool Name: image_understand
Category: Other
Risk Level: Low


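What does the image_understand tool do?

Image understanding tool: - When to call: whenever the user mentions a need such as "look at the image, look at the screenshot, take a look at this picture/interface/page/error/architecture/layout/component structure/page structure", or an image attachment appears in the conversation and the user asks a question related to its content (including UI/front-end interface structure, code screenshots, log/error screenshots, document screenshots, forms, tables, etc.), this tool should be called first rather than relying on text reasoning alone. - Image sources: 1) when the user pastes an image, call the tool directly without manually specifying a path 2) specify a local image path, such as ./screenshot.png 3) specify an image URL, such as https://example.com/image.png. - Prompt conventions: - **Do not** construct a long, complex analysis prompt yourself before calling this tool; - Pass the user's original question or instruction about the image directly as the prompt, for example: - "What interface is this image? What is its overall structure?" - "Help me break down this page's layout and component structure from a front-end implementation perspective"; - Luma automatically assembles the system-level vision instructions and analysis template inside the server and calls the underlying vision model to complete the full understanding; - You only need to make sure the prompt accurately expresses what the user wants to know about the image; there is no need to repeat image details or write a lengthy prompt. It is categorised as an Other tool in the Luma Events MCP Server, which means it performs auxiliary operations.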

How do I enforce a policy on image_understand?

Add a rule in your Intercept YAML policy under the tools section for image_understand. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Luma Events MCP server.

What risk level is image_understand?

image_understand is an Other tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit image_understand?

Yes. Add a rate_limit block to the image_understand rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block image_understand completely?

Set action: deny in the Intercept policy for image_understand. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides image_understand?

image_understand is provided by the Luma Events MCP server (luma-mcp). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policies on Luma Events

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept