thanks! My preference is still to wait, I think we should rethink the approach in that PR and avoid setting the denylist flag for those queries in the first place. This way, if other parts of the code want to inspect the denylist they do not have to implement the same exception logic.