Critical-risk tools in Shortlist MCP Server

Critical severity Shortlist MCP Server MCP Server 7 of 32 tools

7 of the 32 tools in Shortlist MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

clear_queue Destructive

Clear all jobs from your application queue.
delete_education Destructive

Delete an education entry by ID. Get the ID from get_profile.
delete_resume Destructive

Delete a resume by ID. Get the ID from list_resumes.
delete_work_experience Destructive

Delete a work experience or project by ID. Get the ID from get_profile.
remove_from_queue Destructive

Remove a specific job from your application queue by its ID.
remove_languages Destructive

Remove one or more languages from your profile by name.
remove_skills Destructive

Remove one or more skills from your profile by name.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Shortlist MCP Server

Tools at critical risk

Attacks that target this class

More on Shortlist MCP Server

Enforce policy on every Shortlist MCP Server tool call.