codeloop_start_recording

// WHEN AI AGENTS USE THIS TOOL

AI agents invoke codeloop_start_recording to trigger processes or run actions in Codeloop. Execute operations can have side effects beyond the immediate call -- triggering builds, sending notifications, or starting workflows. Rate limits and argument validation are essential to prevent runaway execution.

// WHY ENFORCE A POLICY ON CODELOOP_START_RECORDING

codeloop_start_recording can trigger processes with real-world consequences. An uncontrolled agent might start dozens of builds, send mass notifications, or kick off expensive compute jobs. Intercept enforces rate limits and validates arguments to keep execution within safe bounds.

// RECOMMENDED POLICY

Execute tools trigger processes. Rate-limit and validate arguments to prevent unintended side effects.

codeloop.yaml

tools:
  codeloop_start_recording:
    rules:
      - action: allow
        rate_limit:
          max: 10
          window: 60
        validate:
          required_args: true

See the full Codeloop policy for all 29 tools.

// DETAILS

Tool Name codeloop_start_recording

Category Execute

MCP Server Codeloop MCP Server

Risk Level High

// MORE CODELOOP TOOLS

Execute codeloop_design_compare Execute codeloop_diagnose Execute codeloop_interact Execute codeloop_record_interaction Execute codeloop_run_history Execute codeloop_stop_recording Execute codeloop_visual_review Write codeloop_generate_dev_report

View all 29 tools →

// WHAT CAN GO WRONG

Agents calling execute-class tools like codeloop_start_recording have been implicated in these attack patterns. Read the full case and prevention policy for each:

Browse the full MCP Attack Database →

// OTHER EXECUTE TOOLS ACROSS MCP SERVERS

Other tools in the Execute risk category across the catalogue. The same policy patterns (rate-limit, validate) apply to each.

Atv build_stake_tx Atv build_unstake_tx Acdp start_local Pentagonal pentagonal_audit Pentagonal pentagonal_compile ACR — Agent Composition Records orient_me

// IN CONTEXT OF HIGH RISK

codeloop_start_recording is one of the high-risk operations in Codeloop. For the full severity-focused view — only the high-risk tools with their recommended policies — see the breakdown for this server, or browse all high-risk tools across every MCP server.

// RELATED READING

// FAQ

What does the codeloop_start_recording tool do? +

[CodeLoop] You MUST call codeloop_verify after every code change. If .codeloop/config.json is missing, call codeloop_init_project FIRST. Start recording the app window in the background. The app is brought to the front automatically (un-minimized if needed). Recording continues while you interact with the app. Call codeloop_stop_recording when done. This is the PREFERRED recording method because it lets you actively operate the app during capture. WINDOW FOCUS: The app is brought to front when recording starts. Each subsequent codeloop_interact call also brings the app to front automatically before performing the interaction. This ensures interactions always hit the app window, NOT the IDE, even on single-monitor setups. After codeloop_stop_recording, the IDE is restored to front. CRITICAL: After starting recording, you MUST use the codeloop_interact tool to actively interact with EVERY interactive element in the app. Do NOT just let the recording run idle or only scroll. You must: - Navigate to EVERY page/route in the app - Click EVERY button, link, and navigation element - Fill EVERY form field with test data and submit - Open/close every modal, dropdown, menu, and accordion - Test hover states, tooltips, and interactive components - Test auth flows (login/signup/change-password) if present - Test form validation (empty submit, invalid inputs) - Wait 1-2 seconds between interactions so video frames capture each state change Use codeloop_interact for ALL interactions — do NOT use raw osascript/PowerShell/xdotool. Flow: start_recording → codeloop_interact with ALL app elements → stop_recording → interaction_replay. Supports desktop apps, Android emulator, iOS Simulator, and browser targets. Multi-monitor: on macOS, automatically detects which screen the app window is on. App logs (stdout, logcat, simctl log) are automatically captured alongside the video.. It is categorised as a Execute tool in the Codeloop MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on codeloop_start_recording? +

Add a rule in your Intercept YAML policy under the tools section for codeloop_start_recording. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Codeloop MCP server.

What risk level is codeloop_start_recording? +

codeloop_start_recording is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit codeloop_start_recording? +

Yes. Add a rate_limit block to the codeloop_start_recording rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block codeloop_start_recording completely? +

Set action: deny in the Intercept policy for codeloop_start_recording. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides codeloop_start_recording? +

codeloop_start_recording is provided by the Codeloop MCP server (codeloop-mcp-server). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Let agents act without letting them run wild.