Retrieve detailed image tile information for high-resolution viewing of an artwork. This tool provides data for implementing deep zoom functionality, allowing detailed examination of the artwork at various zoom levels.\n\n
AI agents call get_artwork_image to retrieve information from Rijksmuseum MCP Server without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool only retrieves image tile data to support deep zoom viewing of artworks. It performs no create, update, delete, or execute operations. There are no financial, destructive, or code execution implications. The data returned is informational and public-facing (artwork images in a museum collection). Low severity due to the benign nature of image retrieval with no blast radius if misused by an AI agent.
From the tool's definition Tool description states 'Retrieve detailed image tile information' — a retrieval operation with no modification or side effects. The purpose is viewing artwork at various zoom levels, consistent with read-only access to museum data.
Documented attack patterns abuse exactly the kind of access get_artwork_image gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Rijksmuseum MCP Server, and nothing reaches the server without passing your rules. This is the rule we recommend for get_artwork_image:
{
"version": "1",
"default": "deny",
"tools": {
"get_artwork_image": {}
}
}get_artwork_image is read-only, so it stays allowed — but everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Retrieve detailed image tile information for high-resolution viewing of an artwork. This tool provides data for implementing deep zoom functionality, allowing detailed examination of the artwork at various zoom levels.\n\n. It is categorised as a Read tool in the Rijksmuseum MCP Server MCP Server, which means it retrieves data without modifying state.
Register the Rijksmuseum MCP Server MCP server in PolicyLayer and add a rule for get_artwork_image: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rijksmuseum MCP Server. Nothing to install.
get_artwork_image is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the get_artwork_image rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for get_artwork_image. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
get_artwork_image is provided by the Rijksmuseum MCP Server MCP server (r-huijts/rijksmuseum-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 7 Rijksmuseum MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
7 Rijksmuseum MCP Server tools catalogued and risk-classified — across an index of 42,500+ MCP servers.