Delegate work to a specialist AI agent and track the assigned task. Also known as: hand this off, assign task, spawn agent, have an agent do it, autonomous work. Automatically checks authorization, rate limits, quality gates, model routing, and budget policy before spawning. Omit model_tier/provi...
AI agents invoke spawn_agent_task to trigger actions in OrgX. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
| Parameter | Type | Required | Description |
|---|---|---|---|
task | string | — | Task instructions for the target agent |
agent | string | — | Target agent identifier or alias |
model | string | — | Optional exact model identifier when the user explicitly chooses one. Omit to let OrgX resolve the model from task, tier, provider, policy, and budget. |
context | string | — | Optional supporting context or background for the task |
task_id | string | — | Optional task UUID to bind the spawned run to a specific scaffolded task, enabling direct task-level progress rollup. Use create_entity type=task first if the t |
_context | object | — | Client context for conversation tracking (strongly recommended for cross-client continuity) |
deadline | string | — | Optional: When this is needed by (ISO date or plain text). |
provider | string | — | Optional provider preference. Use auto unless the user requests a specific provider or the budget/capability comparison has selected one. |
model_tier | string | — | Optional model tier override. Omit to let OrgX auto-route according to task complexity. Use standard for controlled verification runs; use balanced or precision |
budget_mode | string | — | Optional budget posture override. Omit to let OrgX apply workspace policy. Use cheapest_valid for controlled reliability/validation runs where cost must be pinn |
sdk_backend | string | — | Preferred execution backend. Use openai for cloud-safe execution, claude for Claude SDK routing, or auto to let OrgX decide. |
max_cost_usd | number | — | Optional per-task hard cost ceiling in USD. If the estimate exceeds this, OrgX should block, downgrade, or ask for approval before dispatch. |
Parameters from the server's own tool schema.
spawn_agent_task triggers real processes with real consequences. An agent gone sideways doesn't fire it once — it starts dozens of builds, sends mass notifications, or burns through compute before anyone looks up.
Risk signalsHigh parameter count (36 properties)
Documented attack patterns abuse exactly the kind of access spawn_agent_task gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and OrgX, and nothing reaches the server without passing your rules. This is the rule we recommend for spawn_agent_task:
{
"version": "1",
"default": "deny",
"tools": {
"spawn_agent_task": {
"limits": [
{
"counter": "spawn_agent_task_rate",
"window": "minute",
"max": 10,
"scope": "grant"
}
]
}
}
}spawn_agent_task stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Delegate work to a specialist AI agent and track the assigned task. Also known as: hand this off, assign task, spawn agent, have an agent do it, autonomous work. Automatically checks authorization, rate limits, quality gates, model routing, and budget policy before spawning. Omit model_tier/provider/model to let OrgX auto-route from task complexity; provide them only when the user or verification plan intentionally constrains routing. Returns modelTier, budget, and run details on success, or blockedReason if spawn is denied. USE WHEN: user explicitly wants to delegate work to an agent. NEXT: Use get_agent_status to monitor progress and record_quality_score after reviewing output. DO NOT USE: for creating tasks in the hierarchy — use create_entity type=task instead. Requires agents:write. It is categorised as a Execute tool in the OrgX MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
spawn_agent_task accepts 12 parameters: task, agent, model, context, task_id, _context, deadline, provider, model_tier, budget_mode, sdk_backend, max_cost_usd. The full parameter table on this page comes from the server's own tool schema.
Register the OrgX MCP server in PolicyLayer and add a rule for spawn_agent_task: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches OrgX. Nothing to install.
spawn_agent_task is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the spawn_agent_task rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for spawn_agent_task. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
spawn_agent_task is provided by the OrgX MCP server (useorgx/orgx-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 29 OrgX tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
29 OrgX tools catalogued and risk-classified — across an index of 42,500+ MCP servers.