Critical-risk tools in Caddy
3 of the 18 tools in Caddy are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
- caddy_config_delete (Destructive): Delete config at a JSON path. Removes the config node at the specified path. Deleting a parent node also deletes every descendant -- e.g. deleting
- caddy_remove_route (Destructive): Remove a route. Target by @id (preferred — stable across reorderings) or by array index on a specific server. Index-based removal is a two-step read-then-delete and can race aga...
- caddy_load (Destructive): Replace the entire Caddy configuration atomically. Accepts a JSON config object, or a Caddyfile string with format=
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.