Record a causal edge between two memory entries via CausalMemoryGraph Use when generic memory_* tools are wrong because you need AgentDB-specific controllers (HNSW vector search, hierarchical tiers, causal-graph links, pattern store/recall, RaBitQ quantization). For simple key-value persistence, ...
AI agents use agentdb_causal-edge to create or update resources in Ruflo — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Ruflo environment.
This tool creates new relationships (causal edges) in a memory graph between two entries. While it modifies internal state rather than external systems, it is a Write operation because it creates or establishes new data structures reversibly. It is not Destructive because edges can be created and removed without permanent loss.
From the tool's definition Tool name 'agentdb_causal-edge' and description specify 'Record a causal edge between two memory entries via CausalMemoryGraph', which creates or modifies data in the agent's memory graph structure. The term 'Record' indicates data creation/persistence.
Attacks that exploit this kind of access
Record a causal edge between two memory entries via CausalMemoryGraph Use when generic memory_* tools are wrong because you need AgentDB-specific controllers (HNSW vector search, hierarchical tiers, causal-graph links, pattern store/recall, RaBitQ quantization). For simple key-value persistence, memory_store/memory_retrieve are simpler. For unrelated file work, native Read/Write are fine. It is categorised as a Write tool in the Ruflo MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Ruflo MCP server in PolicyLayer and add a rule for agentdb_causal-edge: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Ruflo. Nothing to install.
agentdb_causal-edge is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the agentdb_causal-edge rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for agentdb_causal-edge. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
agentdb_causal-edge is provided by the Ruflo MCP server (ruvnet/ruflo). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
agentdb_causal-edge is one line of Ruflo's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →