AI agents call proxima_agentic_status to retrieve information from Proxima without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool retrieves and reports diagnostic information about the agentic pipeline's current state with no side effects, data modification, code execution, or destructive operations. It is purely informational, making it a Read category tool with low severity risk since it only exposes system status metrics that an agent would need for observability but cannot misuse to cause damage.
From the tool's definition Tool description explicitly states 'Read-only diagnostics' and lists status/health information (mode, router health, memory, run-loop, orchestrator, cost) that are retrieved without modification.
Attacks that exploit this kind of access
Full status of the agentic pipeline: current mode (session/BYOK), router/provider health, memory, run-loop, orchestrator and cost. Read-only diagnostics. It is categorised as a Read tool in the Proxima MCP Server, which means it retrieves data without modifying state.
Register the Proxima MCP server in PolicyLayer and add a rule for proxima_agentic_status: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Proxima. Nothing to install.
proxima_agentic_status is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the proxima_agentic_status rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for proxima_agentic_status. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
proxima_agentic_status is provided by the Proxima MCP server (zen4-bit/proxima). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
proxima_agentic_status is one line of Proxima's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →