Manually refresh health checks for voice provider endpoints. Useful when a service has been started/stopped and you want to update the registry without restarting the MCP server. Args: service_type: Optional - 'tts' or 'stt' to refresh only one type base_url: Optional - specific endpoint URL to r...
AI agents use refresh_provider_registry to create or update resources in Voice Mode — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Voice Mode environment.
This is a Write operation because it modifies the state of the provider registry (updating health checks and endpoint statuses) in a reversible manner. While it doesn't delete data, the ability to mark endpoints as artificially healthy (optimistic=True) without actual health verification could cause the system to route audio to unhealthy services, representing a moderate blast radius if misused by a malicious agent.
From the tool's definition The tool 'refresh_provider_registry' modifies the health check state of voice provider endpoints. It updates endpoint status in the registry through the 'optimistic' parameter which can mark endpoints as healthy without verification, and accepts optional…
Documented attack patterns abuse exactly the kind of access refresh_provider_registry gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Voice Mode, and nothing reaches the server without passing your rules. This is the rule we recommend for refresh_provider_registry:
{
"version": "1",
"default": "deny",
"tools": {
"refresh_provider_registry": {
"limits": [
{
"counter": "refresh_provider_registry_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}refresh_provider_registry stays usable, but capped — an agent stuck in a loop can't make hundreds of changes a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
Manually refresh health checks for voice provider endpoints. Useful when a service has been started/stopped and you want to update the registry without restarting the MCP server. Args: service_type: Optional - 'tts' or 'stt' to refresh only one type base_url: Optional - specific endpoint URL to refresh optimistic: If True, mark all endpoints as healthy without checking (default: True) Returns: Summary of refreshed endpoints and their status. It is categorised as a Write tool in the Voice Mode MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the Voice Mode MCP server in PolicyLayer and add a rule for refresh_provider_registry: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Voice Mode. Nothing to install.
refresh_provider_registry is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the refresh_provider_registry rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for refresh_provider_registry. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
refresh_provider_registry is provided by the Voice Mode MCP server (mbailey/voicemode). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from Voice Mode, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
25 Voice Mode tools catalogued and risk-classified — across an index of 43,000+ MCP servers.