Critical-risk tools in Lyra Mcp Server
6 of the 34 tools in Lyra Mcp Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
lyra_cancel_gatheringDestructiveMark a gathering as cancelled. Works from any non-terminal state (draft, awaiting_responses, live, rescheduled). Records the cancellation reason in the audit log if provided. Al...
-
lyra_remove_itemDestructiveRemove an item from a Lyra profile by ID. Requires API key.
-
lyra_remove_linkDestructiveRemove an external link by ID. Requires API key.
-
lyra_remove_schoolDestructiveRemove a school affiliation by ID. Requires API key.
-
lyra_reschedule_gatheringDestructiveMove a live gathering to a new time (and optionally a new venue). Transitions the gathering to 'rescheduled' state. Already-accepted invitees have their RSVP status reset to 'in...
-
lyra_finalise_gatheringFinancialLocks the final slot (and optionally venue) and transitions a draft gathering to 'live'. Records the transition in the gathering events log. Does NOT send invites yet — call lyr...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.