Tool Visibility¶
The tools configuration controls which Claude Code tools the reviewer can see and act on. This is the main lever for balancing review thoroughness against reviewer context usage.
The five tiers¶
| Tier | What happens | When to use |
|---|---|---|
output_visible |
Reviewer sees the tool's full output | Tools whose output matters for review (Read, Edit, Write) |
pre_review |
Reviewed before execution; can be blocked | Tools with irreversible side effects (Bash, PowerShell, MCP tools) |
write_review |
Reviewed before execution; reviewer sees the proposed diff | File modification tools (Edit, Write) |
whitelisted |
Passed through without blocking, streamed as context | Safe tools you want the reviewer to see but never block |
review_exempt |
Completely invisible to the reviewer | High-volume tools that would exhaust the reviewer's context |
Tools not in any list are streamed to the reviewer with their name and input parameters only — the output is not shown.
Configuration¶
All sub-keys accept a list of tool names:
defaults:
tools:
output_visible: [Read, Edit, Write]
pre_review: [Bash, PowerShell]
write_review: [Edit, Write]
whitelisted: [Glob, Grep]
review_exempt: []
If the tools block is omitted, server defaults apply.
How the tiers interact¶
A tool can appear in multiple tiers. The tiers are not mutually exclusive — they control different aspects of the review:
- Visibility (
output_visible) controls whether the reviewer sees the tool's output - Enforcement (
pre_review,write_review) controls whether the tool is reviewed before execution - Passthrough (
whitelisted) means the tool is never blocked but still visible - Exclusion (
review_exempt) removes the tool from the event stream entirely
A tool in both output_visible and pre_review means: review it before execution, and show the full output to the reviewer when it does run.
Whitelisted tools during blocks¶
When the agent is blocked, it can only use tools in the whitelisted list and the message_adversary MCP tool. This lets you keep essential read-only tools available even during enforcement.
Managing reviewer context¶
The reviewer has a finite context window. High-volume tools (like Grep returning hundreds of lines, or Read on large files) can fill it quickly. Use review_exempt for tools that generate a lot of output without adding review value.
Use output_visible selectively — only include tools whose output the reviewer needs to evaluate the agent's work. For most tools, seeing the name and input parameters is sufficient context.
MCP tools
MCP tools (tools from external servers) can also be included in these lists by their full name. If you use MCP tools that modify external systems (send messages, update databases), consider adding them to pre_review.