Critical-risk tools in MCP Bookmarks
4 of the 14 tools in MCP Bookmarks are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
batch_remove_bookmarksDestructiveRemove multiple bookmarks by their IDs in a single operation. **IMPORTANT - Before removing, consider:** 1. Can you UPDATE the bookmark instead? Use update_bookmark to modify c...
-
clear_all_bookmarksDestructiveClear all bookmarks and groups. This is a destructive operation that requires explicit confirmation.
-
remove_bookmarkDestructiveRemove a bookmark by its ID. CASCADE DELETES all child bookmarks. **STOP! Before removing, ask yourself:** 1. Can I UPDATE this bookmark instead? (update_bookmark) 2. Did I ver...
-
remove_groupDestructiveRemove a bookmark group and all its bookmarks. This is a destructive operation.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.