Critical-risk tools in Monica CRM MCP Server

Critical severity Monica CRM MCP Server MCP Server 6 of 21 tools

6 of the 21 tools in Monica CRM MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

monica_manage_activity Destructive

List, inspect, create, update, or delete activities (meetings, events, shared interactions). Provide either activityTypeId or activityTypeName.
monica_manage_call Destructive

List, inspect, create, update, or delete logged phone calls. Use this to capture quick notes about conversations with contacts.
monica_manage_financial_record Financial

List, inspect, create, update, or delete gifts and debts. Use recordType=
monica_manage_media Destructive

List, inspect, upload, or delete documents and photos stored in Monica. Use mediaType to pick the resource.
monica_manage_relationship Destructive

List, inspect, create, update, or delete relationships between contacts. Provide relationshipTypeId or relationshipTypeName to identify the connection.
monica_manage_task_reminder Destructive

List, inspect, create, update, or delete Monica tasks and reminders. Choose itemType=

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Monica CRM MCP Server

Tools at critical risk

Attacks that target this class

More on Monica CRM MCP Server

Enforce policy on every Monica CRM MCP Server tool call.