Critical-risk tools in Attio

Critical severity Attio MCP Server 6 of 57 tools

6 of the 57 tools in Attio are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

deletev2notesbynoteid Destructive

Delete a single note by ID. Required scopes: \
deletev2tasksbytaskid Destructive

Delete a task by ID. Required scopes: \
deletev2webhooksbywebhookid Destructive

Delete a webhook by ID. Required scopes: \
deletev2commentsbycommentid Destructive

Deletes a comment by ID. If deleting a comment at the head of a thread, all messages in the thread are also deleted. Required scopes: \
deletev2listsentriesbyentryid Destructive

Deletes a single list entry by its \
deletev2objectsrecordsbyrecordid Destructive

Deletes a single record (e.g. a company or person) by ID. Required scopes: \

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in Attio

Tools at critical risk

Attacks that target this class

More on Attio

Enforce policy on every Attio tool call.