refine_with_local_llm

THE RISK

Low Risk

Why refine_with_local_llm needs a policy

With no description available, it's unclear what this tool does beyond suggesting it refines something using a local LLM. Given sibling tools involve world generation and media processing, it likely modifies or refines a world (Write or Execute), but without evidence I cannot confidently assign a higher-severity category. Confidence is low due to the empty description.

From the tool's definition Tool description is empty and uninformative; tool name 'refine_with_local_llm' suggests local LLM invocation but no description confirms scope or side effects.

Documented attack patterns abuse exactly the kind of access refine_with_local_llm gives an agent:

POLICY

How to control refine_with_local_llm

PolicyLayer is an MCP gateway — it sits between your AI agents and Worldlabs, and nothing reaches the server without passing your rules. This is the rule we recommend for refine_with_local_llm:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "refine_with_local_llm": {
      "limits": [
        {
          "counter": "refine_with_local_llm_rate",
          "window": "minute",
          "max": 60,
          "scope": "grant"
        }
      ]
    }
  }
}

refine_with_local_llm gets a rate cap, and everything else on the server is denied unless you say otherwise.

Create a free account and register Worldlabs — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

SET A RULE FOR THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More Worldlabs tools

Destructive delete_world delete_world Execute wait_for_world wait_for_world Execute broadcast_spatial_audio Broadcast spatial audio (Music/Ambience) to the scene. Execute generate_world_from_image generate_world_from_image Execute generate_world_from_media_asset generate_world_from_media_asset Execute generate_world_from_multi_image generate_world_from_multi_image Execute generate_world_from_text generate_world_from_text Execute generate_world_from_video generate_world_from_video

All 20 Worldlabs tools →

Other tools on other servers

Android Forensics ADB MCP Server generate_app_analysis_report Ethereum Tools add Math MCP Server complex_analysis_suite Crypto_MCP aes_encrypt

Go deeper

The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Tool risk categories → How PolicyLayer classifies MCP tools by what they can do.
MCP tool → What an MCP tool is and how clients discover and call it.
Rate Limiting MCP Tool Calls: A Practical Guide →
MCP Security: Why Prompt Guardrails Aren't Enough →

FAQ

Questions about refine_with_local_llm

What does the refine_with_local_llm tool do? +

refine_with_local_llm. It is categorised as a Other tool in the Worldlabs MCP Server, which means it performs auxiliary operations.

How do I enforce a policy on refine_with_local_llm? +

Register the Worldlabs MCP server in PolicyLayer and add a rule for refine_with_local_llm: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Worldlabs. Nothing to install.

What risk level is refine_with_local_llm? +

refine_with_local_llm is a Other tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit refine_with_local_llm? +

Yes. Add a rate_limit block to the refine_with_local_llm rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block refine_with_local_llm completely? +

Set action: deny in the PolicyLayer policy for refine_with_local_llm. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides refine_with_local_llm? +

refine_with_local_llm is provided by the Worldlabs MCP server (sandraschi/worldlabs-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Worldlabs tool call.

Start from Worldlabs, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →