This tool allows updating configuration settings for various Rhombus entities. Currently supports: - Cameras: Update video settings (resolution, HDR, WDR, brightness, contrast, etc.), audio settings (recording, microphone, speaker), and device settings (name, timezone, LED control). For LED contr...
Part of the Rhombus Node server.
Free to start. No card required.
AI agents use update-tool to create or modify resources in Rhombus Node. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call update-tool repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Rhombus Node.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
{
"version": "1",
"default": "deny",
"tools": {
"update-tool": {
"limits": [
{
"counter": "update-tool_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}See the full Rhombus Node policy for all 31 tools.
These attack patterns abuse exactly the kind of access update-tool gives an agent. Each links to the full case and the policy that stops it:
Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
This tool allows updating configuration settings for various Rhombus entities. Currently supports: - Cameras: Update video settings (resolution, HDR, WDR, brightness, contrast, etc.), audio settings (recording, microphone, speaker), and device settings (name, timezone, LED control). For LED control, use EXACTLY these field names in cameraDeviceSettings: - To turn LED off: {"led_stealth_mode": true} (recommended) or {"led_mode": "always_off"} - To turn LED on: {"led_stealth_mode": false} or {"led_mode": "always_on"} or {"led_mode": "auto"} - IMPORTANT: Use underscore in field names (led_mode, led_stealth_mode), not camelCase The tool supports faceted UUIDs (e.g., "cameraUuid.v0" or "cameraUuid.v1") to update specific camera facets. If no facet is specified, defaults to "v0". The tool guides users through a multi-step process: 1. Entity selection (if not provided) 2. Settings configuration with current values shown 3. Confirmation and application of changes Future support planned for: - Climate sensors - Door controllers - Environmental gateways - Audio gateways - Doorbell cameras - Badge readers The tool uses elicitation forms for rich user interaction and shows current settings before updates. --- CAMERA SETTINGS UPDATE FLOW — Use this tool for ALL camera settings updates (brightness, contrast, WDR, resolution, audio, LED, etc.). - For camera image-quality fixes: provide entityType="camera", entityUuid, and the specific settings to change in cameraVideoSettings. - Example for dark image: update-tool(entityType="camera", entityUuid="<uuid>", cameraVideoSettings='{"img_brightness": 0, "wdr_strength": 64}'). - Example for washed out: update-tool(entityType="camera", entityUuid="<uuid>", cameraVideoSettings='{"img_brightness": -50, "img_contrast": 80}'). - Saturation matters — saturation 0 yields a grayscale image. Most cameras look best with mid-range values; tune from there. CONFIRMATION FLOW (MANDATORY) — When the conversation history shows you analyzed a camera and proposed fixes, and the user replies with any affirmative ("yes", "confirm", "fix it", "apply", "do it", "go ahead", "proceed", "sure", "ok"): 1. DO NOT generate any text response first. 2. IMMEDIATELY call update-tool with the camera settings you previously identified. 3. Only after update-tool returns successfully, say "Done! Check your camera now…". NEVER respond saying settings were updated without first calling update-tool — without the call, no changes take effect. Avoid multiple rounds of confirmation; get one confirmation for all proposed changes. Output filtering (all tools): - includeFields (string[]): Dot-notation paths to keep in the response (e.g. "vehicleEvents.vehicleLicensePlate"). Omit to return all fields. - filterBy (array): Predicates to filter array items. Each entry: {field, op, value} where op is one of = != > >= < <= contains. All conditions are ANDed. Example: [{field:"vehicleLicensePlate", op:"=", value:"ABC123"}] WARNING: some tool responses exceed 400k characters — use these params to request only the data you need.. It is categorised as a Write tool in the Rhombus Node MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Rhombus Node MCP server in PolicyLayer and add a rule for update-tool: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rhombus Node. Nothing to install.
update-tool is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the update-tool rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for update-tool. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
update-tool is provided by the Rhombus Node MCP server (rhombus-node-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 31 Rhombus Node tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.