Critical-risk tools in Xrpl mcp

Critical severity Xrpl mcp MCP Server 28 of 71 tools

28 of the 71 tools in Xrpl mcp are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

amm-delete Destructive

Delete an Automated Market Maker (AMM) from the XRP Ledger
credential-delete Destructive

Delete a credential from the XRP Ledger. Either the issuer or the subject can delete a credential at any time. Anyone can delete an expired credential.
delete-account Destructive

Delete an XRP Ledger account and send remaining XRP to a destination account
escrow-cancel Destructive

Cancel an unexecuted Escrow on the XRP Ledger
mpt-issuance-destroy Destructive

Destroy/delete a Multi-Purpose Token (MPT) issuance. The issuance must have zero outstanding tokens.
offer-cancel Destructive

Cancel an existing Offer (order) in the XRP Ledger
oracle-delete Destructive

Delete an Oracle object on the XRP Ledger Price Oracle amendment is required
permissioned-domain-delete Destructive

Delete a Permissioned Domain from the XRP Ledger. Only the domain owner can delete a domain.
amm-deposit Financial

Deposit assets into an existing Automated Market Maker (AMM) on the XRP Ledger
transfer-token Financial

Transfer tokens between addresses
transfer-xrp Financial

Transfer XRP between accounts using the connected wallet or a named wallet
check-cancel Destructive

Cancel an uncashed Check on the XRP Ledger
check-cash Financial

Cash a Check to receive funds from it
amm-bid Financial

Place a bid on an Automated Market Maker
amm-clawback Financial

Clawback assets from an Automated Market Maker (AMM)
amm-create Financial

Create a new Automated Market Maker (AMM) on the XRP Ledger
approve-transaction Financial

Approve a pending transaction, signing and submitting it to the XRP Ledger. This is a destructive action that sends a real transaction.
batch-payment Financial

Submit a batch of payment transactions. This is a convenience wrapper around batch-submit for common payment batching scenarios.
deactivate-did Destructive

Deactivate a DID by marking it as revoked
escrow-finish Financial

Finish an Escrow on the XRP Ledger, releasing funds to the recipient
offer-create Financial

Create an Offer (order) in the XRP Ledger
payment Financial

Send a payment from one account to another on the XRP Ledger
payment-channel-claim Financial

Claim funds from a Payment Channel on the XRP Ledger
payment-channel-create Financial

Create a Payment Channel on the XRP Ledger for off-ledger payments
payment-channel-fund Financial

Add additional XRP to an existing Payment Channel
reject-transaction Destructive

Reject a pending transaction, preventing it from being signed or submitted.
token-clawback Financial

Claw back tokens issued by your account from a holder
token-escrow-create Financial

Create an Escrow for fungible tokens (Trust Line Tokens or MPTs) on the XRP Ledger. Requires the TokenEscrow amendment. For Trust Line Tokens, the issuer must have lsfAllowTrust...

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in Xrpl mcp

Tools at critical risk

Attacks that target this class

More on Xrpl mcp

Enforce policy on every Xrpl mcp tool call.