Critical-risk tools in Kockatoos Shopify MCP Server
21 of the 136 tools in Kockatoos Shopify MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_fulfillmentDestructiveCancel a fulfillment. This restocks the items and sets the fulfillment status to cancelled.
-
cancel_orderDestructiveCancel an order. Optionally specify a reason and whether to send a notification email to the customer. This may also trigger a refund depending on
-
delete_automatic_discountDestructivePermanently delete an automatic discount by its GID. This cannot be undone.
-
delete_code_discountDestructivePermanently delete a code discount by its GID. This cannot be undone.
-
delete_custom_collectionDestructivePermanently delete a custom collection. Products in it are NOT deleted.
-
delete_customer_metafieldDestructiveDelete a customer metafield by its GID or numeric ID.
-
delete_discount_codeDestructiveDelete a redeem code from a GraphQL code discount node.
-
delete_draft_orderDestructivePermanently delete a draft order. Cannot delete completed draft orders.
-
delete_filesDestructivePermanently delete one or more files by their GIDs. This cannot be undone. Requires write_files access scope.
-
delete_menuDestructiveDelete a navigation menu. Default menus (e.g. main-menu, footer-menu) cannot be deleted. Requires write_online_store_navigation access scope.
-
delete_order_metafieldDestructiveDelete an order metafield by its GID or numeric ID.
-
delete_pageDestructivePermanently delete an online store page. This cannot be undone. Requires write_content or write_online_store_pages access scope.
-
delete_price_ruleDestructiveDelete a code discount by DiscountCodeNode ID. Preserves the legacy price-rule tool name for compatibility.
-
delete_productDestructivePermanently delete a product by its ID. This cannot be undone.
-
delete_product_imageDestructiveDelete an image from a product.
-
delete_product_metafieldDestructivePermanently delete a metafield by its GID. This cannot be undone.
-
delete_themeDestructiveDelete a theme. The active (MAIN) theme cannot be deleted. Requires write_themes access scope and a Shopify exemption.
-
delete_theme_filesDestructiveDelete one or more files from a theme by filename. Requires write_themes access scope.
-
delete_variantDestructiveDelete a product variant. A product must always have at least one variant.
-
delete_webhookDestructiveDelete a webhook subscription.
-
complete_draft_orderFinancialComplete a draft order, converting it into a real order. Optionally mark it as paid.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.