Critical-risk tools in Synology Office

Critical severity Synology Office MCP Server 4 of 39 tools

4 of the 39 tools in Synology Office are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

calendar_delete_event Destructive

Delete a Synology Calendar event permanently. Requires confirm=true.
drive_delete_file Destructive

Delete a file or folder in Synology Drive (moves to trash by default). Set confirm=true to execute.
spreadsheet_delete_file Destructive

WARNING: Permanently delete an ENTIRE spreadsheet file (.osheet).
spreadsheet_delete_sheet Destructive

Delete a sheet tab from a Synology Spreadsheet. This action cannot be undone. Provide either file_id or name. Set confirm=true to execute.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Synology Office

Tools at critical risk

Attacks that target this class

More on Synology Office

Enforce policy on every Synology Office tool call.