Critical-risk tools in Railway MCP Server
6 of the 38 tools in Railway MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
domain_deleteDestructive 4/5[API] Delete a domain from a service ⚡️ Best for: ✓ Removing unused domains ✓ Cleaning up configurations ✓ Domain management ⚠️ Not for: × Temporary domain disabling ...
-
project_deleteDestructive 4/5[API] Delete a Railway project and all its resources ⚡️ Best for: ✓ Removing unused projects ✓ Cleaning up test projects ⚠️ Not for: × Temporary project deactivation ×...
-
service_deleteDestructive 4/5[API] Delete a service from a project ⚡️ Best for: ✓ Removing unused services ✓ Cleaning up test services ✓ Project reorganization ⚠️ Not for: × Temporary service stop...
-
tcp_proxy_deleteDestructive 4/5[API] Delete a TCP proxy ⚡️ Best for: ✓ Removing unused proxies ✓ Security management ✓ Endpoint cleanup ⚠️ Not for: × Temporary proxy disabling × Port updates → Pr...
-
variable_deleteDestructive 4/5[API] Delete a variable for a service in a specific environment ⚡️ Best for: ✓ Removing unused configuration ✓ Security cleanup ✓ Configuration management ⚠️ Not for: ...
-
volume_deleteDestructive 4/5[API] Delete a volume from a service ⚡️ Best for: ✓ Removing unused storage ✓ Storage cleanup ✓ Resource management ⚠️ Not for: × Temporary data removal × Data backu...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on Railway MCP Server
Enforce policy on Railway MCP Server
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init