Critical-risk tools in Vercel MCP Server
32 of the 154 tools in Vercel MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_deploymentDestructiveCancel a deployment which is currently building
-
delete_access_groupDestructiveDelete an access group
-
delete_access_group_projectDestructiveDelete an access group project
-
delete_aliasDestructiveDelete an Alias with the specified ID
-
delete_auth_tokenDestructiveInvalidate an authentication token
-
delete_deploymentDestructiveDelete a deployment by ID or URL
-
delete_dns_recordDestructiveRemoves an existing DNS record from a domain name
-
delete_edge_configDestructiveDelete an Edge Config
-
delete_edge_config_schemaDestructiveDelete Edge Config Schema
-
delete_edge_config_tokensDestructiveDelete Edge Config Tokens
-
delete_envDestructiveDelete an environment variable
-
delete_environmentDestructiveRemove a custom environment from a project
-
delete_firewall_bypassDestructiveRemove system bypass rules
-
delete_projectDestructiveDelete a specific project
-
delete_secretDestructiveDelete a secret
-
delete_teamDestructiveDelete a team under your account
-
delete_userDestructiveInitiates the deletion process for the currently authenticated User
-
delete_webhookDestructiveDeletes a webhook
-
domain_removeDestructiveRemove a domain
-
int_deleteDestructiveDelete an integration configuration
-
logdrain_deleteDestructiveDeletes a configurable log drain
-
logdrain_delete_integrationDestructiveDeletes an integration log drain
-
remove_certDestructiveRemove a certificate
-
remove_domainDestructiveRemove a domain from a project
-
remove_project_memberDestructiveRemove a member from a specific project
-
remove_team_memberDestructiveRemove a member from a team
-
domain_buyFinancialPurchase a domain
-
marketplace_invoice_actionFinancialPerform invoice actions like refund
-
domain_registerFinancialRegister or transfer-in a domain
-
submit_marketplace_balanceFinancialSubmit prepayment balances
-
submit_marketplace_billingFinancialSubmit marketplace billing data
-
submit_marketplace_invoiceFinancialSubmit a marketplace invoice
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.