Critical-risk tools in Mcp Kraken
13 of the 54 tools in Mcp Kraken are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_all_ordersDestructiveCancel every open order.
-
cancel_all_orders_afterDestructiveDead-man-switch: schedule a bulk cancel after `timeout` seconds.
-
cancel_orderDestructiveCancel one order by id.
-
cancel_order_batchDestructiveCancel up to 50 orders in a single call.
-
cancel_withdrawalDestructiveRequest cancellation of a pending withdrawal.
-
remove_exportDestructiveCancel a pending export or delete the file of a completed one.
-
account_transferFinancialTransfer funds between the master account and a sub-account.
-
add_orderFinancialadd_order
-
add_order_batchFinancialadd_order_batch
-
allocate_earnFinancialAllocate `amount` of the strategy's asset into `strategy_id`.
-
deallocate_earnFinancialWithdraw `amount` from `strategy_id`.
-
wallet_transferFinancialTransfer between Kraken wallet types (e.g. Spot ↔ Futures).
-
withdrawFinancialSubmit a withdrawal.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.