Critical-risk tools in Mcp Erpnext
3 of the 120 tools in Mcp Erpnext are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
- erpnext_doc_cancel (Destructive, 4/5): Cancel any ERPNext submitted document (changes status to Cancelled). Applies to submittable DocTypes like Sales Order, Purchase Order, Sales Invoice, etc. Calls frappe.client.ca...
- erpnext_doc_delete (Destructive, 4/5): Delete any ERPNext document. Only Draft documents can usually be deleted. For submitted documents, use cancel first. Works on any DocType.
- erpnext_sales_order_cancel (Destructive, 4/5): Cancel a submitted Sales Order. Reverses stock reservation. Only works on submitted (non-completed) Sales Orders.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
Enforce policy on Mcp Erpnext
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init