Critical-risk tools in AbraFlexi

Critical severity AbraFlexi MCP Server 6 of 21 tools

6 of the 21 tools in AbraFlexi are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

contact_delete Destructive 4/5

Delete contact records permanently
evidence_delete Destructive 5/5

Delete a record from any evidence type
invoice_issued_delete Destructive 5/5

Delete issued invoices permanently
product_delete Destructive 4/5

Delete products from the price list
bank_transaction_create Financial 5/5

Create new bank transaction records
invoice_issued_create Financial 5/5

Create and issue new invoices

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in AbraFlexi

Tools at critical risk

Attacks that target this class

More on AbraFlexi

Enforce policy on AbraFlexi