Critical-risk tools in Joplin

Critical severity Joplin MCP Server 5 of 32 tools

5 of the 32 tools in Joplin are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

delete_note Destructive 4/5

Delete a note (moves it to the trash).
delete_notebook Destructive 4/5

Delete a notebook. The notebook must be empty.
delete_resource Destructive 4/5

Delete a resource/attachment from Joplin. WARNING: This will break references in notes that use this resource. Use get_resource_notes first to check usage.
delete_tag Destructive 4/5

Delete a tag from Joplin. All notes will no longer have this tag.
remove_tags_from_note Destructive 4/5

Remove specific tags from a note. Silently ignores tags that don't exist or aren't on the note.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in Joplin

Tools at critical risk

Attacks that target this class

More on Joplin

Enforce policy on Joplin