ADR-153 supporting verb — create or verify bench suites used by metaharness_evolve --bench. Bench suites are JSON files of {input, expectedOutput, weight} tasks; scoring against a fixed corpus decouples evolution from flaky/slow/undersized
AI agents use metaharness_bench to create or update resources in Ruflo — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Ruflo environment.
This tool creates or verifies benchmark suite files (JSON configurations with input, output, and weight data). While this is reversible data creation/modification rather than destructive deletion or code execution, it does write persistent configuration data that affects system behavior.
From the tool's definition Tool description explicitly uses 'create or verify bench suites' and 'JSON files' — indicating creation and modification of test/benchmark data structures. The write operations involve storing benchmark configurations.
Attacks that exploit this kind of access
ADR-153 supporting verb — create or verify bench suites used by metaharness_evolve --bench. Bench suites are JSON files of {input, expectedOutput, weight} tasks; scoring against a fixed corpus decouples evolution from flaky/slow/undersized. It is categorised as a Write tool in the Ruflo MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Ruflo MCP server in PolicyLayer and add a rule for metaharness_bench: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Ruflo. Nothing to install.
metaharness_bench is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the metaharness_bench rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for metaharness_bench. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
metaharness_bench is provided by the Ruflo MCP server (ruvnet/ruflo). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
metaharness_bench is one line of Ruflo's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →