Critical-risk tools in TickTick/Dida365 MCP Server

Critical severity TickTick/Dida365 MCP Server MCP Server 2 of 11 tools

2 of the 11 tools in TickTick/Dida365 MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

delete_project_by_projectID Destructive

Permanently delete a project by its ID. This will also delete all tasks within the project. Returns success message upon deletion.
delete_task Destructive

Permanently delete a task from a project. Requires both task ID and project ID for confirmation. Returns success message upon deletion.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in TickTick/Dida365 MCP Server

Tools at critical risk

Attacks that target this class

More on TickTick/Dida365 MCP Server

Enforce policy on every TickTick/Dida365 MCP Server tool call.