// MCP TOOL REFERENCE
High Risk →

create_task

Create a new task and start it immediately with Claude Code

How to control create_task ↓

WHAT CREATE_TASK ON SYSTEMPROMPT CODING AGENT DOES

AI agents invoke create_task to trigger actions in SystemPrompt Coding Agent. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.

THE RISK

High Risk

This tool does more than just write data: it triggers autonomous execution of an AI coding agent (Claude Code CLI) that will perform complex programming tasks on the local development environment. The 'start it immediately' phrasing confirms active execution begins.

From the tool's definition "Create a new task and start it immediately with Claude Code" — starts an autonomous AI coding assistant to perform programming tasks

Documented attack patterns abuse exactly the kind of access create_task gives an agent:

HOW TO CONTROL CREATE_TASK

PolicyLayer is an MCP gateway — it sits between your AI agents and SystemPrompt Coding Agent, and nothing reaches the server without passing your rules. This is the rule we recommend for create_task:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "create_task": {
      "limits": [
        {
          "counter": "create_task_rate",
          "window": "minute",
          "max": 10,
          "scope": "grant"
        }
      ]
    }
  }
}

create_task stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.

  1. Create a free account and register SystemPrompt Coding Agent — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
RATE-LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

More SystemPrompt Coding Agent tools

Destructive clean_state Clean up system state by removing all tasks Destructive end_task End a task and clean up the AI model session Execute check_status Check the status of Claude Code SDK and Gemini CLI availability by attempting to initiate Execute update_task Send instructions to an active AI process (Claude Code or Gemini CLI) Read get_prompt Get a specific prompt by ID or list all available prompts if no ID is provided Read report Generate a report on task status. Shows all tasks if no ID provided, or details for a spec Read update_stats Get current statistics on tasks and active sessions

All 8 SystemPrompt Coding Agent tools →

Execute tools on other servers

Frida Game Hacking MCP remove_breakpoint Procmon request_elevation WireMCP capture_packets Pentest Ai run_probe

Go deeper

FAQ

What does the create_task tool do? +

Create a new task and start it immediately with Claude Code. It is categorised as a Execute tool in the SystemPrompt Coding Agent MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on create_task? +

Register the SystemPrompt Coding Agent MCP server in PolicyLayer and add a rule for create_task: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches SystemPrompt Coding Agent. Nothing to install.

What risk level is create_task? +

create_task is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit create_task? +

Yes. Add a rate_limit block to the create_task rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block create_task completely? +

Set action: deny in the PolicyLayer policy for create_task. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides create_task? +

create_task is provided by the SystemPrompt Coding Agent MCP server (systempromptio/systemprompt-code-orchestrator). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every SystemPrompt Coding Agent tool call.

Deterministic rules across all 8 SystemPrompt Coding Agent tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN SYSTEMPROMPT CODING AGENT →

Free to start. No card required.

8 SystemPrompt Coding Agent tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.