Critical-risk tools in Campaign Monitor MCP
16 of the 113 tools in Campaign Monitor MCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
clear_segment_rulesDestructiveRemove all rules from a segment
-
delete_adminDestructiveRemove an administrator from the account
-
delete_campaignDestructiveDelete a draft campaign
-
delete_clientDestructiveDelete a Campaign Monitor client
-
delete_client_personDestructiveRemove a person
-
delete_custom_fieldDestructiveDelete a custom field from a subscriber list
-
delete_listDestructiveDelete a subscriber list
-
delete_segmentDestructiveDelete a segment
-
delete_sending_domainDestructiveDelete a sending domain from a client
-
delete_subscriberDestructivePermanently delete a subscriber from a list
-
delete_templateDestructiveDelete an email template
-
delete_webhookDestructiveDelete a webhook from a subscriber list
-
remove_from_suppression_listDestructiveRemove an email address from a client
-
set_client_monthly_billingFinancialConfigure monthly billing for a client
-
set_client_payg_billingFinancialConfigure pay-as-you-go billing for a client
-
transfer_creditsFinancialTransfer credits to or from a client
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.