Critical-risk tools in Mcp Products
5 of the 11 tools in Mcp Products are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
telora_infra_assetDestructive 5/5Infrastructure assets: typed resources (database, container, service, dashboard, storage, proxy, dns, monitoring, ci_cd) within a product. Assets can optionally belong to an env...
-
telora_infra_environmentDestructive 4/5Infrastructure environments: named deployment targets (production, staging, dev) within a product. Each environment groups infrastructure assets and has a status (active, provis...
-
telora_infra_relationshipDestructive 4/5Asset relationships: directed links between infrastructure assets within the same product. Types: connects_to, deploys_to, proxies, depends_on, hosts. Actions: list (by product)...
-
telora_infra_secretDestructive 4/5Infrastructure secrets: encrypted key-value pairs stored per asset using Vault. List and create show names only (no values). Use get to decrypt and reveal a secret value on dema...
-
telora_product_deliveryDestructive 4/5Work packages: individual shippable increments within a strategy. Each delivery has acceptance criteria, technical context, and tracks progress through issues. Actions: list del...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on Mcp Products
Enforce policy on Mcp Products
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init