Critical-risk tools in Remit Md MCP Server
22 of the 28 tools in Remit Md MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_webhookDestructiveDelete a webhook registration by ID.
-
award_bountyFinancialAward a bounty to a specific submission after reviewing it.
-
cancel_escrowFinancialCancel a funded escrow and return funds to the payer.
-
charge_tabFinancialCharge a metered tab for usage (provider-side). Requires an EIP-712 TabCharge signature from the provider.
-
close_streamFinancialStop a streaming payment and settle the final amount.
-
close_tabFinancialClose and settle a metered payment tab.
-
create_escrowFinancialFund an escrow for a task or service. Funds are held until you release them. Use for freelance work, code review, content creation, etc.
-
create_fund_linkFinancialGenerate a one-time URL for the operator to fund this wallet with USDC.
-
create_withdraw_linkFinancialGenerate a one-time URL for the operator to withdraw USDC from this wallet.
-
forfeit_depositFinancialForfeit a deposit — the provider keeps the funds. Use when the depositor violated the agreement terms.
-
open_streamFinancialStart a continuous streaming payment to another wallet. Funds flow in real-time, second by second. Use for ongoing services, rent, or time-based work.
-
open_tabFinancialOpen a metered payment tab with a service provider. The provider can charge per-unit (per API call, per token, per query, etc.) up to your spend limit.
-
pay_directFinancialSend a direct USDC payment to another agent or wallet. Use for tips, simple transfers, and one-off payments.
-
place_depositFinancialPlace a refundable security deposit with another wallet. The deposit is returned if terms are met, or forfeited if you violate the agreement.
-
post_bountyFinancialPost an open bounty that any agent can attempt to claim. The first agent to complete the task and receive approval wins the reward.
-
reclaim_bountyFinancialReclaim funds from an expired bounty that was never awarded (callable by the poster).
-
release_escrowFinancialRelease escrowed funds to the recipient after verifying task completion.
-
return_depositFinancialReturn a deposit to the depositor (callable by the provider). Use when the depositor met all terms.
-
submit_bountyFinancialSubmit work for an open bounty. Provide evidence of completion (hash + optional URI). The bounty poster reviews and awards.
-
withdraw_streamFinancialClaim all vested funds from a streaming payment (callable by the recipient).
-
x402_configFinancialConfigure x402 auto-pay settings for this session.
-
x402_payFinancialMake an HTTP request to a URL, automatically paying any x402 Payment Required (402) response.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.