Critical-risk tools in Ghost CMS MCP Server

Critical severity Ghost CMS MCP Server MCP Server 9 of 44 tools

9 of the 44 tools in Ghost CMS MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

invites_delete Destructive 4/5

Delete/revoke an invite
members_delete Destructive 4/5

Delete a member by ID
newsletters_delete Destructive 4/5

Delete a newsletter by ID
offers_delete Destructive 4/5

Delete an offer by ID
posts_delete Destructive 4/5

Delete a post by ID
tags_delete Destructive 4/5

Delete a tag by ID
tiers_delete Destructive 4/5

Delete a tier by ID
users_delete Destructive 4/5

Delete a staff user
webhooks_delete Destructive 4/5

Delete a webhook by ID

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Ghost CMS MCP Server

Tools at critical risk

Attacks that target this class

More on Ghost CMS MCP Server

Enforce policy on Ghost CMS MCP Server