This tool manages Rhombus MIND automated prompts - scheduled chatbot jobs that run a prompt at a recurring interval and store each response. Use it to list, inspect, create, update, delete, page through past responses for, share, or re-verify the schedule of an automated prompt. Modes (set "reque...
Risk signalsHigh parameter count (15 properties)
Part of the Rhombus Node server.
Free to start. No card required.
AI agents may call automated-prompts-tool to permanently remove or destroy resources in Rhombus Node. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. PolicyLayer blocks destructive tools by default and requires explicit human approval before enabling them.
Without a policy, an AI agent could call automated-prompts-tool in a loop, permanently destroying resources in Rhombus Node. There is no undo for destructive operations. PolicyLayer blocks this tool by default and only allows it when a human explicitly approves the action.
Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.
{
"version": "1",
"default": "deny",
"hide": [
"automated-prompts-tool"
]
}See the full Rhombus Node policy for all 31 tools.
These attack patterns abuse exactly the kind of access automated-prompts-tool gives an agent. Each links to the full case and the policy that stops it:
Other destructive tools across the catalogue. The same approach applies to each: deny by default, or require human approval.
This tool manages Rhombus MIND automated prompts - scheduled chatbot jobs that run a prompt at a recurring interval and store each response. Use it to list, inspect, create, update, delete, page through past responses for, share, or re-verify the schedule of an automated prompt. Modes (set "requestType"): - list: List all automated prompts in the org. Optional 'lastEvaluatedKey' / 'maxPageSize' for pagination. - get: Get a single automated prompt's settings. Requires 'promptUuid'. - create: Create a new automated prompt. Requires 'prompt', 'invokeAt' (ISO 8601 with offset, must be at least 15 minutes in the future), 'frequencyValue', 'frequencyUnit', and 'permissionGroupUuid'. Optional 'responseTemplate' and 'notifyUserUuids'. - update: Selectively update an automated prompt. Requires 'promptUuid'; only the fields you set will be changed. To change the role, the caller must have access to both the current and new role. Pass an empty 'notifyUserUuids' array to clear notifyees. - delete: Delete an automated prompt and all of its stored responses. Requires 'promptUuid'. - get-history: Page through responses generated by an automated prompt. Requires 'promptUuid'. Optional 'lastEvaluatedKey' / 'maxPageSize'. - share-response: Update the visibility of one stored response. Requires 'chatUuid' and 'visibility' (PUBLIC, ORG_WIDE, SELECT_USERS, PRIVATE). - verify-scheduled: Re-verify that the job is scheduled to trigger; the server reschedules it if missing. Requires 'promptUuid'. Notes: - Use 'user-tool' to look up user UUIDs and resolve them to names/emails. 'notifyUserUuids' must be members of the chosen 'permissionGroupUuid'. - 'invokeAt' is an ISO 8601 timestamp; both 'Z' and '+/-HH:mm' offsets are accepted. The tool converts it to milliseconds for the API. - Timestamps in the output are ISO 8601 strings with timezone offset (defaults to America/Los_Angeles when no org timezone is available). - 'submitTestPrompt' is intentionally not exposed by this tool. Output filtering (all tools): - includeFields (string[]): Dot-notation paths to keep in the response (e.g. "vehicleEvents.vehicleLicensePlate"). Omit to return all fields. - filterBy (array): Predicates to filter array items. Each entry: {field, op, value} where op is one of = != > >= < <= contains. All conditions are ANDed. Example: [{field:"vehicleLicensePlate", op:"=", value:"ABC123"}] WARNING: some tool responses exceed 400k characters — use these params to request only the data you need.. It is categorised as a Destructive tool in the Rhombus Node MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the Rhombus Node MCP server in PolicyLayer and add a rule for automated-prompts-tool: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rhombus Node. Nothing to install.
automated-prompts-tool is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the automated-prompts-tool rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for automated-prompts-tool. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
automated-prompts-tool is provided by the Rhombus Node MCP server (rhombus-node-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 31 Rhombus Node tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.