Critical-risk tools in OPanel MCP
9 of the 47 tools in OPanel MCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
ban_ipDestructiveBan an IP address from accessing the Minecraft server.
-
ban_playerDestructiveBan a player from the Minecraft server.
-
clear_log_filesDestructiveDelete all log files except latest.log and debug.log on the Minecraft server.
-
delete_log_fileDestructiveDelete a log file on the Minecraft server.
-
delete_player_dataDestructiveDelete a player
-
delete_saveDestructiveDelete a save on the Minecraft server. This action is irreversible, so be careful when using this tool.
-
delete_scheduled_taskDestructiveDelete a scheduled task on OPanel.
-
remove_code_of_conductDestructiveRemove a code of conduct from the Minecraft server.
-
remove_from_whitelistDestructiveRemove a player from the whitelist of the Minecraft server.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.