StackSwap's reference starter stack for a given industry vertical. Returns a curated tool list with per-tool cost, total monthly/annual spend, AI-readiness and headless-readiness scores, and partner sign-up links. Use for greenfield 'what stack should I buy?' queries — distinct from scan_stack (a...
AI agents call recommend_stack to retrieve information from StackSwap without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
| Parameter | Type | Required | Description |
|---|---|---|---|
budget | number | — | Optional monthly budget cap in USD. If exceeded, the response flags the overage but does not auto-swap tools. |
industry | string | Yes | Industry vertical. Recognised: 'SaaS / Tech', 'Marketing Agency', 'Finance / Fintech', 'Consulting'. Common slugs (b2b_saas, fintech, agency) and aliases also a |
teamSize | string | — | Team-size band for cost modeling. Defaults to 11-25. |
Parameters from the server's own tool schema.
recommend_stack retrieves curated reference stacks and vendor information from the StackSwap database. No side effects occur — it does not create, modify, execute commands, delete data, or move money. The tool is explicitly read-only and provides advisory recommendations only, with partner sign-up links being informational redirects rather than transactional commits.
From the tool's definition Tool is described as returning 'a curated tool list' with 'cost', 'spend', 'scores', and 'partner sign-up links' — it retrieves and presents information without modifying any data.
Attacks that exploit this kind of access
StackSwap's reference starter stack for a given industry vertical. Returns a curated tool list with per-tool cost, total monthly/annual spend, AI-readiness and headless-readiness scores, and partner sign-up links. Use for greenfield 'what stack should I buy?' queries — distinct from scan_stack (audits an existing stack) and recommend_partner (single category). It is categorised as a Read tool in the StackSwap MCP Server, which means it retrieves data without modifying state.
recommend_stack accepts 3 parameters: budget, industry, teamSize. Required: industry. The full parameter table on this page comes from the server's own tool schema.
Register the StackSwap MCP server in PolicyLayer and add a rule for recommend_stack: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches StackSwap. Nothing to install.
recommend_stack is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the recommend_stack rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for recommend_stack. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
recommend_stack is provided by the StackSwap MCP server (StonesofCreation/stackswap-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →