Critical-risk tools in Metabase MCP Server
10 of the 87 tools in Metabase MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_cardDestructiveRemove a Metabase card either by archiving (soft delete, preserves history) or permanent deletion - use this to clean up unused cards, remove broken cards, or organize analytica...
-
delete_card_public_linkDestructiveRemove public access to a Metabase card by deleting its public URL (requires admin privileges) - use this to revoke external access to sensitive data, clean up unused public lin...
-
delete_collectionDestructivePermanently delete a Metabase collection - use with caution as this affects contained content and cannot be undone
-
delete_dashboardDestructiveDelete or archive a dashboard (soft or hard delete) - use with caution as permanent deletion cannot be undone
-
delete_databaseDestructivePermanently remove a database from Metabase - use with caution as this will break dependent content and cannot be undone
-
delete_public_linkDestructiveRemove public URL access for a dashboard (requires superuser) - use this to revoke external access for security or privacy reasons
-
discard_table_field_valuesDestructiveClear cached field values to force fresh data loading - use this when table data has changed or cached values are stale
-
remove_cards_from_dashboardDestructiveRemove specific dashcards from a dashboard by their dashcard IDs (not card_id) - use this to clean up dashboards or reorganize content
-
replace_table_csvDestructiveCompletely replace table data with new CSV content - use this for full data refreshes, model updates, or complete table replacements
-
update_dashboard_cardsDestructive⚠️ DANGER: REPLACES ALL dashboard cards - any cards not in the array will be DELETED. To update a single card, first get_dashboard to fetch ALL cards, then include ALL of them w...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.