Critical-risk tools in QuickBooks Online MCP Server
13 of the 55 tools in QuickBooks Online MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_accountDestructiveDelete (make inactive) a chart-of-accounts entry in QuickBooks Online.
-
delete_billDestructiveDelete a bill in QuickBooks Online.
-
delete_bill_paymentDestructiveDelete a bill payment in QuickBooks Online.
-
delete_customerDestructiveDelete (make inactive) a customer in QuickBooks Online.
-
delete_employeeDestructiveDelete (make inactive) an employee in QuickBooks Online.
-
delete_estimateDestructiveDelete an estimate in QuickBooks Online.
-
delete_invoiceDestructiveVoid an invoice in QuickBooks Online. Sets the invoice status to voided.
-
delete_itemDestructiveDelete (make inactive) an item in QuickBooks Online.
-
delete_journal_entryDestructiveDelete a journal entry in QuickBooks Online.
-
delete_purchaseDestructiveDelete a purchase in QuickBooks Online.
-
delete_vendorDestructiveDelete (make inactive) a vendor in QuickBooks Online.
-
create_bill_paymentFinancialCreate a bill payment in QuickBooks Online. Links a payment to one or more bills.
-
create_purchaseFinancialCreate a purchase (expense/check/credit card charge) in QuickBooks Online.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.