Read-only snapshot of everything awaiting human attention: pending promotion candidates, stale knowledge pages past their refresh threshold, and detected preference contradictions. Use at the start of a review or maintenance session to see outstanding work; then call waypath_review, waypath_refre...
AI agents invoke waypath_review_queue to trigger actions in Waypath. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
waypath_review_queue triggers real processes with real consequences. An agent gone sideways doesn't fire it once — it starts dozens of builds, sends mass notifications, or burns through compute before anyone looks up.
Risk signalsBulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Read-only snapshot of everything awaiting human attention: pending promotion candidates, stale knowledge pages past their refresh threshold, and detected preference contradictions. Use at the start of a review or maintenance session to see outstanding work; then call waypath_review, waypath_refresh_page, or waypath_resolve_contradiction as appropriate. Takes no parameters. It is categorised as a Execute tool in the Waypath MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Waypath MCP server in PolicyLayer and add a rule for waypath_review_queue: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Waypath. Nothing to install.
waypath_review_queue is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the waypath_review_queue rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for waypath_review_queue. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
waypath_review_queue is provided by the Waypath MCP server (thestack-ai/waypath). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.