Critical-risk tools in ReaperMCP

Critical severity ReaperMCP MCP Server 12 of 138 tools

12 of the 138 tools in ReaperMCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

envelope_clear_range Destructive

envelope_clear_range
fx_remove Destructive

Remove FX from track chain.
item_delete Destructive

Delete an item.
marker_delete Destructive

Delete marker/region.
midi_delete_all_notes Destructive

Clear all notes from a MIDI item.
midi_delete_cc Destructive

Delete a CC event.
midi_delete_note Destructive

Delete a note.
tempo_clear_all Destructive

Delete every tempo/time-sig marker — resets the project to its base tempo.
tempo_delete_marker Destructive

Delete a tempo/time-sig marker by its index (from `tempo_list_markers`).
track_delete Destructive

Delete a track.
track_template_delete Destructive

Delete a saved track template.
item_take_delete_active Destructive

Delete the currently active take from an item.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in ReaperMCP

Tools at critical risk

Attacks that target this class

More on ReaperMCP

Enforce policy on every ReaperMCP tool call.