Critical-risk tools in Morpheus MCP Server
22 of the 189 tools in Morpheus MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_processDestructiveCancel a running process.
-
delete_appDestructiveDelete a Morpheus App and its instances.
-
delete_blueprintDestructiveDelete a blueprint.
-
delete_budgetDestructiveDelete a budget.
-
delete_catalog_itemDestructiveDelete a catalog item. item_id: from list_catalog_items
-
delete_cloudDestructiveRemove a cloud integration from Morpheus.
-
delete_execute_scheduleDestructiveDelete an execution schedule.
-
delete_instanceDestructiveDelete/deprovision an instance.
-
delete_jobDestructiveDelete an automation job.
-
delete_policyDestructiveDelete a policy permanently.
-
delete_power_scheduleDestructiveDelete a power schedule.
-
delete_roleDestructiveDelete a role. role_id: from list_roles
-
delete_scale_thresholdDestructiveDelete a scale threshold rule.
-
delete_serverDestructivedelete_server
-
delete_syslog_ruleDestructiveRemove a syslog forwarding rule.
-
delete_taskDestructiveDelete a task from the Morpheus automation library.
-
delete_tenantDestructiveDelete a tenant and all its resources. This is irreversible.
-
delete_tenant_groupDestructiveDelete a group from a tenant.
-
delete_userDestructiveDelete a user. user_id: from list_users
-
delete_virtual_imageDestructiveRemove a virtual image from Morpheus.
-
delete_workflowDestructiveDelete a workflow from the Morpheus automation library.
-
create_budgetFinancialcreate_budget
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.