Critical-risk tools in LION - keyless data for AI agents: CPG, enrichment, social (attested)

Critical severity LION - keyless data for AI agents: CPG, enrichment, social (attested) MCP Server 2 of 20 tools

2 of the 20 tools in LION - keyless data for AI agents: CPG, enrichment, social (attested) are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

lion_declare_need Destructive

FREE. The primary way agents bootstrap research on Base. Tell LION a clear, specific need in plain language (e.g. "pre-trade risk + holder concentration for Base memecoins"). LI...
lion_keyless_base_rpc Destructive

The MULTI-CHAIN keyless RPC for agents - delete the API key. POST a standard JSON-RPC request (single or batch up to 10) of READ-ONLY methods (eth_call, eth_getBalance, eth_getC...

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

More on LION - keyless data for AI agents: CPG, enrichment, social (attested)

Full LION - keyless data for AI agents: CPG, enrichment, social (attested) policy →
All 20 LION - keyless data for AI agents: CPG, enrichment, social (attested) tools →
All critical-risk tools across servers →

Tools at critical risk

Attacks that target this class

More on LION - keyless data for AI agents: CPG, enrichment, social (attested)

Let agents act without letting them run wild.