Critical-risk tools in Iterable MCP Server
12 of the 78 tools in Iterable MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
bulk_delete_catalog_itemsDestructiveBulk delete catalog items by their IDs
-
cancel_campaignDestructiveCancel a scheduled or recurring campaign
-
cancel_export_jobDestructiveCancel a queued or running export job created with
-
delete_catalogDestructiveDelete a catalog
-
delete_catalog_itemDestructiveDelete a specific catalog item by ID
-
delete_listDestructiveDelete a user list
-
delete_snippetDestructiveDelete a snippet by ID (numeric) or name (string)
-
delete_templatesDestructiveDelete one or more templates by ID
-
delete_user_by_emailDestructiveDelete a user by email address (asynchronous - does not prevent future data collection)
-
delete_user_by_user_idDestructiveDelete a user by user ID (asynchronous - does not prevent future data collection, deletes all users with same userId)
-
abort_campaignDestructiveAbort a campaign that is currently running
-
archive_campaignsDestructiveArchive one or more campaigns. Scheduled/recurring campaigns will be cancelled, running campaigns will be aborted.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.