Critical-risk tools in MongoDB

Critical severity MongoDB MCP Server 4 of 29 tools

4 of the 29 tools in MongoDB are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

delete-many Destructive

Removes all documents that match the filter from a MongoDB collection
delete-one Destructive

Removes a single document that match the filter from a MongoDB collection
drop-collection Destructive

Removes a collection or view from the database. The method also removes any indexes associated with the dropped collection.
drop-database Destructive

Removes the specified database, deleting the associated data files

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in MongoDB

Tools at critical risk

Attacks that target this class

More on MongoDB

Let agents act without letting them run wild.