Recommend Semiotic charts for a dataset using heuristic capability descriptors. Each chart declares which data shapes it serves and which intents (trend, compare-categories, distribution, correlation, part-to-whole, etc.) it answers — the engine returns a ranked list with scores, reasons, caveats...
AI agents call suggestCharts to retrieve information from Semiotic without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
suggestCharts retrieves and ranks visualization recommendations without side effects. It analyzes input data against a static set of chart type definitions and returns structured suggestions. This is a read-only analytical operation analogous to a search or query tool. There is no data mutation, code execution, or irreversible action.
From the tool's definition Tool description explicitly states it 'recommend[s]' and 'return[s] a ranked list with scores, reasons, caveats, and ready-to-use props' based on dataset analysis. No creation, modification, deletion, or execution of external operations occurs.
Attacks that exploit this kind of access
Recommend Semiotic charts for a dataset using heuristic capability descriptors. Each chart declares which data shapes it serves and which intents (trend, compare-categories, distribution, correlation, part-to-whole, etc.) it answers — the engine returns a ranked list with scores, reasons, caveats, and ready-to-use props. Heuristic only; no LLM call. Use the result as structured context when answering. It is categorised as a Read tool in the Semiotic MCP Server, which means it retrieves data without modifying state.
Register the Semiotic MCP server in PolicyLayer and add a rule for suggestCharts: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Semiotic. Nothing to install.
suggestCharts is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the suggestCharts rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for suggestCharts. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
suggestCharts is provided by the Semiotic MCP server (semiotic). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →