Update a watch in place — pause/resume (paused), re-point (url), change schedule/diff/notify settings, or turn a channel off (webhookUrl/notifyEmail = null). Only the fields you send change; renderParams is deep-merged over the existing config. A scope change (url/selector/fullPage/size/device) r...
AI agents use watch_update to create or update resources in Rendex Screenshot — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Rendex Screenshot environment.
| Parameter | Type | Required | Description |
|---|---|---|---|
id | string | Yes | The watch ID (UUID) to update. |
url | string | — | Re-point to a new URL (clears the baseline; the next check re-baselines). |
name | object | — | Rename the watch (null to clear). |
paused | boolean | — | true to pause the watch, false to resume. |
diffMode | string | — | Change what counts as a change. |
aiSummary | boolean | — | Pro+ — toggle the AI 'what changed' summary (roadmap). |
threshold | number | — | Change the visual-change noise floor (0..1). |
webhookUrl | object | — | Starter+ — set or replace the change-webhook target; null to turn it off. |
notifyEmail | object | — | Set the alert email (your account email only); null to turn it off. |
renderParams | object | — | Render knobs to deep-merge over the existing capture config. |
intervalMinutes | integer | — | New check frequency in minutes (subject to your plan's floor). |
Parameters from the server's own tool schema.
This tool modifies an existing watch configuration (URL, schedule, notification settings, etc.) in a reversible way. Changes can be undone by updating again. No code execution, deletion, or financial transactions are involved. The blast radius is medium since a misconfigured watch could disrupt monitoring or redirect surveillance to unintended URLs.
From the tool's definition Update a watch in place — pause/resume (paused), re-point (url), change schedule/diff/notify settings... Only the fields you send change; renderParams is deep-merged over the existing config. Returns the updated watch as JSON.
Risk signalsAccepts URL/endpoint input (url) · High parameter count (37 properties)
Attacks that exploit this kind of access
Update a watch in place — pause/resume (paused), re-point (url), change schedule/diff/notify settings, or turn a channel off (webhookUrl/notifyEmail = null). Only the fields you send change; renderParams is deep-merged over the existing config. A scope change (url/selector/fullPage/size/device) re-baselines on the next check. Returns the updated watch as JSON. It is categorised as a Write tool in the Rendex Screenshot MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
watch_update accepts 11 parameters: id, url, name, paused, diffMode, aiSummary, threshold, webhookUrl, notifyEmail, renderParams, intervalMinutes. Required: id. The full parameter table on this page comes from the server's own tool schema.
Register the Rendex Screenshot MCP server in PolicyLayer and add a rule for watch_update: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rendex Screenshot. Nothing to install.
watch_update is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the watch_update rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for watch_update. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
watch_update is provided by the Rendex Screenshot MCP server (copperline-labs/rendex-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →