// SCAN REPORT

Mcp Ssh

23 tools. 13 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated: 11 Jun 2026

13 can modify or destroy data

10 read-only

23 tools total

Community server · catalogue entry verified 11/06/2026

How to control Mcp Ssh ↓

TOOL MAP

Read (10) Write / Execute (12) Destructive / Financial (1)

MOST DANGEROUS TOOLS

Critical Risk

Destructive · High deleteConnection This tool permanently removes a stored SSH connection configuration, which cannot be automatically recovered. Execute · Critical backgroundExecute This tool allows arbitrary command execution on remote servers with background scheduling capability. Execute · High executeCommand This tool triggers external operations (command execution on remote servers) whose effects depend entirely on the command arguments provided. Execute · High stopAllBackgroundTasks This tool executes an operation that terminates background tasks—an irreversible action that affects system state and running processes.

13 of Mcp Ssh's 23 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

HOW TO CONTROL MCP SSH

PolicyLayer is an MCP gateway — it sits between your AI agents and Mcp Ssh, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations

{
  "deleteConnection": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "batchUploadFiles": {
    "limits": [
      {
        "counter": "batchuploadfiles_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "batchDownloadFiles": {
    "limits": [
      {
        "counter": "batchdownloadfiles_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Mcp Ssh — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON MCP SSH →

Free to start. No card required.

ALL 23 MCP SSH TOOLS

DESTRUCTIVE 1 tools

Destructive deleteConnection Deletes a saved SSH connection.

EXECUTE 7 tools

Execute backgroundExecute Executes a command in the background on a remote server at a specified interval. Execute executeCommand Executes a command on a remote server via SSH. Execute stopAllBackgroundTasks Stops all running background tasks. Execute stopBackground Stops a background command execution on a specific connection. Execute createTunnel Creates an SSH tunnel (port forwarding). Execute mcp_ssh_mcp_createTerminalSession Creates a new interactive terminal session. Execute mcp_ssh_mcp_writeToTerminal Writes data to an interactive terminal session.

WRITE 5 tools

Write batchUploadFiles Uploads multiple local files to a remote server. Write closeTunnel Closes an active SSH tunnel. Write connect Establishes a new SSH connection to a server. Write disconnect Disconnects an active SSH connection. Write uploadFile Uploads a local file to a remote server.

READ 10 tools

Read batchDownloadFiles Downloads multiple files from a remote server. Read downloadFile Downloads a file from a remote server to the local machine. Read getConnection Gets detailed information about a specific SSH connection. Read getCurrentDirectory Gets the current working directory of an SSH connection. Read getFileTransferStatus Gets the status of a specific file transfer. Read listActiveSessions Lists all currently active SSH sessions. Read listBackgroundTasks Lists all background tasks currently running. Read listConnections Lists all saved SSH connections. Read listFileTransfers Lists all recent file transfers. Read listTunnels Lists all active SSH tunnels.

RELATED SERVERS

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Can an AI agent delete data through the Mcp Ssh MCP server? +

Yes. The Mcp Ssh server exposes 1 destructive tools including deleteConnection. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Mcp Ssh? +

The Mcp Ssh server has 5 write tools including batchUploadFiles, closeTunnel, connect. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Mcp Ssh.

How many tools does the Mcp Ssh MCP server expose? +

23 tools across 4 categories: Destructive, Execute, Read, Write. 10 are read-only. 13 can modify, create, or delete data.

How do I enforce a policy on Mcp Ssh? +

Register the Mcp Ssh MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Mcp Ssh tool call.

Deterministic rules across all 23 Mcp Ssh tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON MCP SSH →

Free to start. No card required.

23 Mcp Ssh tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

Mcp Ssh

// TOOL MAP

// MOST DANGEROUS TOOLS

// HOW TO CONTROL MCP SSH

// ALL 23 MCP SSH TOOLS

// RELATED SERVERS

// FAQ