Critical-risk tools in AAP MCP Server
15 of the 86 tools in AAP MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
aap_cancel_jobDestructiveaap_cancel_job
-
aap_delete_credentialDestructiveaap_delete_credential
-
aap_delete_execution_environmentDestructiveDelete an AAP execution environment. DESTRUCTIVE - requires confirmation.
-
aap_delete_groupDestructiveDelete a host group from an AAP inventory. DESTRUCTIVE - requires confirmation.
-
aap_delete_hostDestructiveDelete a host from an AAP inventory. DESTRUCTIVE - requires confirmation.
-
aap_delete_inventoryDestructiveaap_delete_inventory
-
aap_delete_job_templateDestructiveaap_delete_job_template
-
aap_delete_organizationDestructiveaap_delete_organization
-
aap_delete_projectDestructiveaap_delete_project
-
aap_delete_scheduleDestructiveDelete an AAP schedule. DESTRUCTIVE - requires confirmation.
-
aap_delete_teamDestructiveDelete an AAP team. DESTRUCTIVE - requires confirmation.
-
aap_delete_userDestructiveDelete an AAP user. DESTRUCTIVE - requires confirmation.
-
aap_delete_workflow_templateDestructiveaap_delete_workflow_template
-
aap_remove_user_from_teamDestructiveRemove a user from an AAP team.
-
aap_revoke_roleDestructiveRevoke an RBAC role from an AAP user.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.