Critical-risk tools in Ast Editor

Critical severity Ast Editor MCP Server 11 of 59 tools

11 of the 59 tools in Ast Editor are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

clear_outputs Destructive

clear_outputs
delete_cell Destructive

delete_cell
delete_in_body Destructive

delete_in_body
delete_key Destructive

delete_key
delete_symbol Destructive

delete_symbol
remove_chunk_option Destructive

Remove one chunk option. Use key="label" to clear the chunk label.
remove_from_array Destructive

remove_from_array
remove_frontmatter_key Destructive

Remove one top-level YAML frontmatter key.
remove_import Destructive

remove_import
remove_import_name Destructive

remove_import_name
remove_parameter Destructive

remove_parameter

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Ast Editor

Tools at critical risk

Attacks that target this class

More on Ast Editor

Enforce policy on every Ast Editor tool call.