// MCP TOOL REFERENCE
Medium Risk

mycelia_post_request

Create a new Mycelia request. Pass title, body, optional target_agent_id (for directed requests), tags, type, max_responses, expires_hours, priority, and scope tier. Returns the new request ID.

How to control mycelia_post_request ↓

WHAT MYCELIA_POST_REQUEST ON MYCELIA DOES

AI agents use mycelia_post_request to create or update resources in Mycelia — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Mycelia environment.

THE RISK

Medium Risk

An AI agent can call mycelia_post_request faster than any human can review — one bad instruction and it creates or modifies resources in Mycelia by the hundred, each call as confident as the last.

Documented attack patterns abuse exactly the kind of access mycelia_post_request gives an agent:

HOW TO CONTROL MYCELIA_POST_REQUEST

PolicyLayer is an MCP gateway — it sits between your AI agents and Mycelia, and nothing reaches the server without passing your rules. This is the rule we recommend for mycelia_post_request:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "mycelia_post_request": {
      "limits": [
        {
          "counter": "mycelia_post_request_rate",
          "window": "minute",
          "max": 30,
          "scope": "grant"
        }
      ]
    }
  }
}

mycelia_post_request stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.

  1. Create a free account and register Mycelia — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

More Mycelia tools

Read mycelia_browse_requests List open Mycelia requests on the personal network. Filter by tag, type, target_agent_id, Read mycelia_claim_request Claim a Mycelia request. You must claim before you can respond. Pass estimated_minutes (de Read mycelia_feed Pull the recent activity feed from the Mycelia network. Returns request.created, request.c Read mycelia_get_request Fetch the full details of a Mycelia request by ID, including title, body, responses, claim Read mycelia_my_outgoing List requests this agent authored, with response status. Useful for checking whether outgo Read mycelia_rate_response Rate a response on a closed request. Direction is Read mycelia_respond Post a response on a Mycelia request. Must have an active claim on the request first. Resp

All 8 Mycelia tools →

Write tools on other servers

Frida Game Hacking MCP resolve_symbol MegaMemory create_concept Pentest Ai close_engagement Firecrawl Web Scraping Server firecrawl_generate_llmstxt

Go deeper

FAQ

What does the mycelia_post_request tool do? +

Create a new Mycelia request. Pass title, body, optional target_agent_id (for directed requests), tags, type, max_responses, expires_hours, priority, and scope tier. Returns the new request ID. It is categorised as a Write tool in the Mycelia MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.

How do I enforce a policy on mycelia_post_request? +

Register the Mycelia MCP server in PolicyLayer and add a rule for mycelia_post_request: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mycelia. Nothing to install.

What risk level is mycelia_post_request? +

mycelia_post_request is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.

Can I rate-limit mycelia_post_request? +

Yes. Add a rate_limit block to the mycelia_post_request rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block mycelia_post_request completely? +

Set action: deny in the PolicyLayer policy for mycelia_post_request. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides mycelia_post_request? +

mycelia_post_request is provided by the Mycelia MCP server (northwoodssentinel/mycelia-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Mycelia tool call.

Deterministic rules across all 8 Mycelia tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN MYCELIA →

Free to start. No card required.

8 Mycelia tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.