Critical-risk tools in ClickUp MCP Server
4 of the 21 tools in ClickUp MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_bulk_tasksDestructive⚠️ PERMANENTLY DELETE multiple tasks. This action cannot be undone. For each task, you MUST provide either: 1. taskId alone (preferred and safest) 2. taskName + listName (use wi...
-
delete_folderDestructive⚠️ PERMANENTLY DELETE a folder and all its contents. This action cannot be undone. Valid parameter combinations: 1. Use folderId alone (preferred and safest) 2. Use folderName +...
-
delete_listDestructivePermanently delete a ClickUp list and all its tasks. You MUST provide either listId or listName. WARNING: This action cannot be undone.
-
delete_taskDestructive⚠️ PERMANENTLY DELETE a task. This action cannot be undone. Valid parameter combinations: 1. Use taskId alone (preferred and safest) 2. Use taskName + optional listName (use wit...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.