Dry-run a watch config BEFORE creating it — render the proposed config once and report what was captured + whether the page is reachable (and the text a text-watch would compare). Creates no watch, no baseline, no diff. Use this to validate a selector/scope/identity first. Returns JSON.
AI agents call watch_test to retrieve information from Rendex Screenshot without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
url | string | Yes | The page to monitor (a schemeless host like 'rendex.dev/pricing' is upgraded to https). |
name | string | — | Optional label for the watch. |
paused | boolean | — | Create the watch paused (no baseline capture or charge until resumed). |
diffMode | string | — | visual = pixel diff + highlighted overlay; text = extracted-text diff; both runs each. |
aiSummary | boolean | — | Pro+ — attach an AI 'what changed' summary (roadmap). |
threshold | number | — | Visual-change noise floor as a 0..1 fraction; the diff must EXCEED it to count as changed. |
webhookUrl | string | — | Starter+ — HMAC-signed change-webhook target. |
notifyEmail | string | — | Any plan — send change alerts here. Must be your OWN account email (others are rejected). Defaults to it if omitted. |
renderParams | object | — | Render knobs applied on every check (a subset of the screenshot capture params). |
intervalMinutes | integer | — | Check frequency in minutes. Minimum is your plan's floor — Free 1440 (daily), Starter 180, Pro 30, Enterprise 5. |
Parameters from the server's own tool schema.
watch_test is a read-only validation tool that retrieves and reports information about a proposed configuration and page state without creating, modifying, or deleting any resources. It is purely informational—akin to a preview or test query. The explicit statement that it 'Creates no watch, no baseline, no diff' confirms no state is modified. This falls squarely into the Read category.
From the tool's definition Tool performs a dry-run validation that 'Creates no watch, no baseline, no diff' and 'Returns JSON'. It renders a page once to report captured content and reachability, with no persistent side effects, modifications, or irreversible actions.
Risk signalsAccepts URL/endpoint input (url) · High parameter count (36 properties)
Attacks that exploit this kind of access
Dry-run a watch config BEFORE creating it — render the proposed config once and report what was captured + whether the page is reachable (and the text a text-watch would compare). Creates no watch, no baseline, no diff. Use this to validate a selector/scope/identity first. Returns JSON. It is categorised as a Read tool in the Rendex Screenshot MCP Server, which means it retrieves data without modifying state.
watch_test accepts 10 parameters: url, name, paused, diffMode, aiSummary, threshold, webhookUrl, notifyEmail, renderParams, intervalMinutes. Required: url. The full parameter table on this page comes from the server's own tool schema.
Register the Rendex Screenshot MCP server in PolicyLayer and add a rule for watch_test: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rendex Screenshot. Nothing to install.
watch_test is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the watch_test rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for watch_test. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
watch_test is provided by the Rendex Screenshot MCP server (copperline-labs/rendex-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →