Critical-risk tools in Ue
12 of the 20 tools in Ue are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
animationDestructive 5/5Animation assets, skeletons, montages, blendspaces, anim blueprints, physics assets. Actions: - read_anim_blueprint: Read AnimBP structure. Params: assetPath - read_montage: Re...
-
assetDestructive 5/5Asset management: list, search, read, CRUD, import meshes/textures, datatables. Actions: - list: List assets in directory. Params: directory?, typeFilter?, recursive? - search:...
-
blueprintDestructive 5/5Blueprint reading, authoring, and compilation. Covers variables, functions, graphs, nodes, components, interfaces, and event dispatchers. Actions: - read: Read BP structure inc...
-
demoDestructive 4/5Neon Shrine demo scene builder and cleanup. Actions: - step: Execute demo step. Params: stepIndex? - cleanup: Remove demo assets and actors
-
editorDestructive 5/5Editor commands, Python execution, PIE, undo/redo, hot reload, viewport, performance, sequencer, build pipeline, logs, editor control. Actions: - start_editor: Launch Unreal Ed...
-
foliageDestructive 4/5Foliage painting, types, sampling, and settings. Actions: - list_types: List foliage types in level - get_settings: Read foliage type settings. Params: foliageTypeName - sample...
-
gameplayDestructive 5/5Gameplay systems: physics, collision, navigation, input, behavior trees, AI (EQS, perception, State Trees, Smart Objects), game framework. Actions: - set_collision_profile: Set...
-
levelDestructive 5/5Level actors, selection, components, level management, volumes, lights, and splines. Actions: - get_outliner: List actors. Params: classFilter?, nameFilter?, world? (editor|pie...
-
materialDestructive 4/5Materials: create, read, parameters, shading, textures, and graph authoring (expression nodes, connections). Actions: - read: Read material structure. Params: assetPath - list_...
-
niagaraDestructive 5/5Niagara VFX: systems, emitters, spawning, parameters, and graph authoring. Actions: - list: List Niagara assets. Params: directory?, recursive? - get_info: Inspect system. Para...
-
pcgDestructive 5/5Procedural Content Generation: graphs, nodes, connections, execution, volumes. Actions: - list_graphs: List PCG graphs. Params: directory?, recursive? - read_graph: Read graph ...
-
widgetDestructive 5/5UMG Widget Blueprints, Editor Utility Widgets, and Editor Utility Blueprints. Actions: - read_tree: Read widget hierarchy. Params: assetPath - get_details: Inspect widget. Para...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on Ue
Enforce policy on Ue
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init