Critical-risk tools in Loopctl
3 of the 52 tools in Loopctl are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_projectDestructiveDelete a project and all of its dependent resources (epics, stories, audit entries scoped to it). REQUIRES LOOPCTL_USER_KEY to be set in the MCP server env (user role — orchestr...
-
knowledge_deleteDestructiveDelete an article. Under the hood this performs the same soft-delete (archive) as knowledge_archive — use whichever name is clearer at the call site. The row is retained for aud...
-
knowledge_unpublishDestructiveRevert a published article back to draft state. The article stops being visible in agent search/context but is not deleted — re-publish with knowledge_publish. REQUIRES LOOPCTL_...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.