Critical-risk tools in Kustodia Escrow

Critical severity Kustodia Escrow MCP Server 3 of 36 tools

3 of the 36 tools in Kustodia Escrow are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

cancel_payment Destructive

[FIAT ESCROW] Cancel a pending fiat payment before deposit. Cannot cancel web3 escrows this way.
cancel_recurring Destructive

[RECURRING] Cancel a recurring subscription. In-progress cycles will complete, no new cycles created.
request_refund Financial

[FIAT ESCROW] Request refund for a fiat payment. Triggers SPEI/wire return to buyer.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Kustodia Escrow

Tools at critical risk

Attacks that target this class

More on Kustodia Escrow

Let agents act without letting them run wild.