Critical-risk tools in Paragraph MCP
2 of the 20 tools in Paragraph MCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete-postDestructivePermanently delete a post by ID or slug. This action is irreversible. Always confirm with the user before deleting. Requires API key.
-
remove-subscriberDestructiveRemove a subscriber from your publication by email or wallet address. This is a hard delete and cannot be undone — always confirm with the user before calling. Tip: call
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.