Critical-risk tools in SmartLead MCP Server
10 of the 116 tools in SmartLead MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
smartlead_delete_campaignDestructivePermanently delete a campaign and all associated data. This action cannot be undone.
-
smartlead_delete_campaign_webhookDestructiveDelete a specific webhook from a campaign.
-
smartlead_delete_client_api_keyDestructiveDelete a specific API key.
-
smartlead_delete_folderDestructiveDelete a smart delivery folder by ID.
-
smartlead_delete_lead_by_campaignDestructiveRemove a lead from a specific campaign permanently.
-
smartlead_delete_tests_in_bulkDestructiveDelete multiple smart delivery tests at once for cleanup purposes.
-
smartlead_remove_email_account_from_campaignDestructiveRemove an email account from a specific campaign.
-
smartlead_place_order_for_mailboxesFinancialPlace an order for specific mailboxes with a vendor.
-
smartlead_unsubscribe_lead_from_all_campaignsDestructiveUnsubscribe a lead from all campaigns across the entire account.
-
smartlead_unsubscribe_lead_from_campaignDestructiveUnsubscribe a lead from a specific campaign, stopping all future emails.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.