Critical-risk tools in Agenti

Critical severity Agenti MCP Server 18 of 73 tools

18 of the 73 tools in Agenti are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

binance_cancel_order Destructive

Cancel an open order by orderId or clientOrderId. Requires BINANCE_API_KEY + BINANCE_SECRET_KEY.
jupiter_swap Financial

Execute a token swap via Jupiter v6 aggregator. Best-route swap across all Solana DEXes. Requires AGENTI_SOLANA_PRIVATE_KEY.
solana_deploy_token Financial

Deploy a new SPL token on Solana with custom name, symbol, decimals, and supply. Requires AGENTI_SOLANA_PRIVATE_KEY.
agenti_pay Financial

Make an HTTP request and automatically pay if the server requires x402 payment. Returns the response body as a string.
bnb_transfer Financial

Send BEP-20 tokens (USDT, BUSD, or any BEP-20) to an address on BNB Chain
pay Financial

Pay for an HTTP resource — automatically handles 402 Payment Required (x402 protocol)
solana_transfer Financial

Send SOL or any SPL token to another Solana address. Requires AGENTI_SOLANA_PRIVATE_KEY.
binance_place_order Financial

Place a market or limit buy/sell order. Requires BINANCE_API_KEY + BINANCE_SECRET_KEY.
bitrefill_check_order Financial

Poll a Bitrefill invoice until it completes and return the redemption code.
bnb_swap Financial

Swap BEP-20 tokens on PancakeSwap V3 (requires private key)
pump_buy Financial

Buy a pump.fun token with SOL. Works on bonding curve and graduated (PumpSwap AMM) tokens. Requires AGENTI_SOLANA_PRIVATE_KEY.
pump_sell Financial

Sell a pump.fun token back to SOL. Works on bonding curve and graduated tokens. Requires AGENTI_SOLANA_PRIVATE_KEY.
solana_stake Financial

Stake SOL via Sanctum liquid staking to earn yield. Returns an LST (liquid staking token). Requires AGENTI_SOLANA_PRIVATE_KEY.
solana_swap Financial

Swap any Solana token via Jupiter aggregator (best route). Requires AGENTI_SOLANA_PRIVATE_KEY.
agenti_receive Financial

Create a payment invoice so another party can send funds to this agent.
bitrefill_create_invoice Financial

Create a Bitrefill invoice for a product. Returns a crypto payment address (USDC by default) that can be passed to the pay tool.
create_invoice Financial

Create a payment request — returns an address and amount for someone to pay you
gmgn_copy_trade Financial

Copy a smart wallet trade: looks up a wallet\

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in Agenti

Tools at critical risk

Attacks that target this class

More on Agenti

Enforce policy on every Agenti tool call.