Critical-risk tools in Wireshark MCP Server
2 of the 19 tools in Wireshark MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
wireshark_clean_projectDestructiveRemove entire project directory and all locally synced PCAP files. Use for full cleanup when analysis is complete. Does not affect GitHub repo. Uses GitHub credentials from MCP ...
-
wireshark_remove_pcapDestructiveRemove a single PCAP file from the local workspace. Does not affect the GitHub repo - only removes the local copy. File can be re-synced later. Required: pcap_name. Uses GitHub ...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.