Critical-risk tools in Create Web Page

Critical severity Create Web Page MCP Server 3 of 23 tools

3 of the 23 tools in Create Web Page are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

block.delete Destructive

Delete one block by stable blockId. Use page.get first if unsure which id to remove. For already-published pages, this saves an unpublished latest revision only. Do not call pag...
page.claim Destructive

Claim an anonymous demo page into the authenticated account using the pageId and editToken returned by page.create. Use this only when the user wants to keep or manage the websi...
page.unpublish Destructive

Remove a published landing page from public availability while keeping its draft and revision history.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Create Web Page

Tools at critical risk

Attacks that target this class

More on Create Web Page

Let agents act without letting them run wild.