Critical-risk tools in Web3 MCP Server
10 of the 55 tools in Web3 MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
executeSwapFinancialExecute a token swap using Jupiter DEX aggregator (using private key from .env)
-
transferFinancialTransfer SOL from your keypair (using private key from .env) to another address
-
approveEvmTokenFinancialApprove ERC-20 token spending on any supported EVM network (using private key from .env)
-
createXrpTrustlineFinancialCreate a trustline for a token on the XRP Ledger using private key from .env
-
sendCardanoAdaFinancialSend ADA from your wallet to a recipient address
-
sendCardanoTokensFinancialSend Cardano native tokens from your wallet to a recipient address
-
sendEvmTokenFinancialSend ERC-20 tokens on any supported EVM network (using private key from .env)
-
sendEvmTransactionFinancialSend native tokens on any supported EVM network (using private key from .env)
-
sendTonTransactionFinancialSend TON from your wallet to another address using mnemonic from .env
-
sendXrpTransactionFinancialSend XRP from your wallet to another address using private key from .env
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.