Critical-risk tools in BuddyPress MCP Server
17 of the 83 tools in BuddyPress MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
buddypress_delete_activityDestructiveDelete an activity item
-
buddypress_delete_friendshipDestructiveDelete/reject a friendship
-
buddypress_delete_groupDestructiveDelete a group
-
buddypress_delete_group_avatarDestructiveDelete a group avatar (reset to default)
-
buddypress_delete_group_coverDestructiveDelete a group cover image
-
buddypress_delete_group_inviteDestructiveDelete/reject a group invite
-
buddypress_delete_memberDestructiveDelete a member
-
buddypress_delete_member_avatarDestructiveDelete a member avatar (reset to default)
-
buddypress_delete_member_coverDestructiveDelete a member cover image
-
buddypress_delete_messageDestructiveDelete a message thread
-
buddypress_delete_notificationDestructiveDelete a notification
-
buddypress_delete_signupDestructiveDelete a pending signup
-
buddypress_delete_sitewide_noticeDestructiveDelete a sitewide notice
-
buddypress_delete_xprofile_dataDestructiveDelete XProfile data for a specific user and field
-
buddypress_delete_xprofile_fieldDestructiveDelete an XProfile field
-
buddypress_delete_xprofile_groupDestructiveDelete an XProfile field group
-
buddypress_remove_group_memberDestructiveRemove a member from a group
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.