convert_pace
AI agents call convert_pace to retrieve information from Running Formulas MCP Server without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
Based on the tool name and server context, this tool likely converts running pace between units (e.g., min/mile to min/km). All sibling tools are pure calculations with no side effects. The empty description lowers confidence, but the pattern strongly suggests a read-only computation.
From the tool's definition Tool name is 'convert_pace'; description is empty. Sibling tools are all read-only calculation tools (predict, calculate) with no side effects.
Attacks that exploit this kind of access
convert_pace. It is categorised as a Read tool in the Running Formulas MCP Server MCP Server, which means it retrieves data without modifying state.
Register the Running Formulas MCP Server MCP server in PolicyLayer and add a rule for convert_pace: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Running Formulas MCP Server. Nothing to install.
convert_pace is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the convert_pace rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for convert_pace. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
convert_pace is provided by the Running Formulas MCP Server MCP server (st3v/running-formulas-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
convert_pace is one line of Running Formulas MCP Server's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →