Critical-risk tools in Smartsheet MCP Server
11 of the 117 tools in Smartsheet MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
bulk_delete_rowsDestructiveDeletes multiple rows from a sheet
-
delete_attachmentDestructiveDeletes an attachment from a sheet
-
delete_columnDestructiveDeletes a column from a sheet
-
delete_groupDestructiveDeletes a group
-
delete_rowsDestructiveDeletes rows from a sheet
-
delete_sheet_shareDestructiveRemoves sharing access from a sheet
-
delete_summary_fieldsDestructiveDeletes summary fields from a sheet
-
delete_webhookDestructiveDeletes a webhook
-
remove_cell_linkDestructiveRemoves a cell link from a cell
-
remove_favoritesDestructiveRemoves items from favorites
-
remove_group_memberDestructiveRemoves a member from a group
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.