Critical-risk tools in Agentpay
4 of the 17 tools in Agentpay are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
- revoke_api_key (Destructive, 4/5): Revoke a personal API key by its ID. The key will immediately stop working. This cannot be undone.
- pay_checkout (Financial, 5/5): Create a virtual card AND fill the checkout form in one call. The card number is sent directly to the browser extension — you never see it. Call detect_checkout first to verify ...
- pay_merchant_clp (Financial, 5/5): Pay a Chilean merchant in CLP via bank transfer. The user will receive a Telegram link to confirm the payment in their bank app. Use this for purchases at Chilean stores and ser...
- pay_person_clp (Financial, 5/5): Send a CLP bank transfer to a person in Chile. The user will approve via Telegram. Use this for paying people (e.g. household help, freelancers, splitting bills).
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
Enforce policy on Agentpay
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init