Critical-risk tools in Sap Analytics Cloud

Critical severity Sap Analytics Cloud MCP Server 7 of 90 tools

7 of the 90 tools in Sap Analytics Cloud are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

sac_stories_delete Destructive

Delete a story.
sac_transport_delete_content Destructive

Delete a content item.
sac_users_bulk Destructive

Bulk SCIM operations (create/update/delete multiple users/groups).
sac_users_delete Destructive

Delete a user.
sac_export_delete_subscription Destructive

Delete data export subscription(s).
sac_import_delete_job Destructive

Delete an import job.
sac_schedule_delete Destructive

Delete a publication schedule.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Sap Analytics Cloud

Tools at critical risk

Attacks that target this class

More on Sap Analytics Cloud

Enforce policy on every Sap Analytics Cloud tool call.