High-risk tools in cPanel MCP Server

High severity cPanel MCP Server MCP Server 10 of 164 tools

10 of the 164 tools in cPanel MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

deploy_git_repo Execute

Deploy a Git repository (trigger deployment via .cpanel.yml)
start_virus_scan Execute

Start a ClamAV virus scan on a directory (requires ClamAV plugin on server)
trigger_autossl Execute

Trigger an AutoSSL check/renewal for the account
disable_modsecurity Execute

Disable ModSecurity (WAF) for all domains
disable_modsecurity_domain Execute

Disable ModSecurity for specific domains
disable_passenger_app Execute

Disable/stop a registered application
enable_passenger_app Execute

Enable/start a registered application
ensure_passenger_deps Execute

Install/update dependencies for a registered application (npm install, pip install, etc.)
trace_email_filter Execute

Test email filters against a message to see which rules match
update_git_repo Execute

Pull/update a Git repository

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in cPanel MCP Server

Tools at high risk

Attacks that target this class

More on cPanel MCP Server

Enforce policy on every cPanel MCP Server tool call.