將生成的項目文件寫入宿主工作區 完成從「寄生」到「交付」的完整閉環。 Args: project_name: 項目名稱 files: 文件映射 (JSON字符串) metadata: 元數據 (JSON字符串) Returns: 生成報告
AI agents use deliver_bluemouse_project to create or update resources in Bluemouse — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Bluemouse environment.
This tool writes files to the host workspace, which is a Write operation. The severity is high because it writes potentially many files (a full project) to the host filesystem, which could overwrite existing files or introduce malicious content if misused. The phrasing 'parasitic to delivery' and writing to the host workspace suggests broad filesystem write access, raising the blast radius significantly.
From the tool's definition 將生成的項目文件寫入宿主工作區 (writes generated project files to the host workspace); 完成從「寄生」到「交付」的完整閉環 (completes the full loop from 'parasitic' to 'delivery')
Documented attack patterns abuse exactly the kind of access deliver_bluemouse_project gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Bluemouse, and nothing reaches the server without passing your rules. This is the rule we recommend for deliver_bluemouse_project:
{
"version": "1",
"default": "deny",
"tools": {
"deliver_bluemouse_project": {
"limits": [
{
"counter": "deliver_bluemouse_project_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}deliver_bluemouse_project stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
將生成的項目文件寫入宿主工作區 完成從「寄生」到「交付」的完整閉環。 Args: project_name: 項目名稱 files: 文件映射 (JSON字符串) metadata: 元數據 (JSON字符串) Returns: 生成報告. It is categorised as a Write tool in the Bluemouse MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Bluemouse MCP server in PolicyLayer and add a rule for deliver_bluemouse_project: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Bluemouse. Nothing to install.
deliver_bluemouse_project is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the deliver_bluemouse_project rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for deliver_bluemouse_project. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
deliver_bluemouse_project is provided by the Bluemouse MCP server (peijun1700/bluemouse). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 8 Bluemouse tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
8 Bluemouse tools catalogued and risk-classified — across an index of 42,500+ MCP servers.