High-risk tools in Amazon Bedrock Knowledge Base Retrieval MCP Server
86 of the 805 tools in Amazon Bedrock Knowledge Base Retrieval MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
batch-stop-update-actionExecutebatch-stop-update-action
-
browser_navigateExecutebrowser_navigate
-
browser_navigate_backExecutebrowser_navigate_back
-
browser_navigate_forwardExecutebrowser_navigate_forward
-
browser_wait_forExecutebrowser_wait_for
-
build_and_push_image_to_ecrExecutebuild_and_push_image_to_ecr
-
deploy_serverless_app_helpExecutedeploy_serverless_app_help
-
deploy_webappExecutedeploy_webapp
-
execute_cwl_insights_batchExecuteexecute_cwl_insights_batch
-
execute_log_insights_queryExecuteexecute_log_insights_query
-
execute_promql_queryExecuteexecute_promql_query
-
execute_promql_range_queryExecuteexecute_promql_range_query
-
execute_queryExecuteexecute_query
-
executeQueryExecuteExecutes a read-only SELECT query against the database - args: keyspace, query
-
ExecuteRangeQueryExecuteExecuteRangeQuery
-
finch_build_container_imageExecutefinch_build_container_image
-
invoke_agent_runtimeExecuteinvoke_agent_runtime
-
memory_start_extraction_jobExecutememory_start_extraction_job
-
policy_generation_startExecutepolicy_generation_start
-
run_checkovExecuterun_checkov
-
run_gremlin_queryExecuteExecutes the provided Tinkerpop Gremlin against the graph.
-
run_opencypher_queryExecuteExecutes the provided openCypher against the graph.
-
run_queryExecuteRun a SQL query against Microsoft SQL Server
-
sam_buildExecutesam_build
-
sam_deployExecutesam_deploy
-
sam_local_invokeExecutesam_local_invoke
-
start_applicationExecutestart_application
-
start_batch_translationExecutestart_batch_translation
-
start_browser_sessionExecutestart_browser_session
-
start_config_checksExecutestart_config_checks
-
start_dicom_export_jobExecutestart_dicom_export_job
-
start_dicom_import_jobExecutestart_dicom_import_job
-
start_fhir_export_jobExecuteStart a FHIR export job to export data from HealthLake
-
start_fhir_import_jobExecuteStart a FHIR import job to load data into HealthLake
-
start_security_scanExecutestart_security_scan
-
start-migrationExecutestart-migration
-
StartAHOReadSetExportJobExecuteStartAHOReadSetExportJob
-
StartAHOReadSetImportJobExecuteStartAHOReadSetImportJob
-
StartAHOReferenceImportJobExecuteStartAHOReferenceImportJob
-
StartAHORunExecuteStartAHORun
-
StartAHORunBatchExecuteStartAHORunBatch
-
stop_applicationExecutestop_application
-
stop_browser_sessionExecutestop_browser_session
-
stop_runtime_sessionExecutestop_runtime_session
-
stop_scanExecuteStop a running security scan.
-
trigger_batch_translationExecutetrigger_batch_translation
-
AssumeRoleWithIdentityContextExecuteAssumeRoleWithIdentityContext
-
browser_evaluateExecutebrowser_evaluate
-
browser_hoverExecutebrowser_hover
-
browser_mouse_wheelExecutebrowser_mouse_wheel
-
browser_take_screenshotExecutebrowser_take_screenshot
-
call_awsExecutecall_aws
-
CloneContainerToECRExecuteCloneContainerToECR
-
lake_queryExecutelake_query
-
list_removeExecuteRemove occurrences of value from list.
-
sam_initExecutesam_init
-
session-sqlExecutesession-sql
-
simulate_principal_policyExecutesimulate_principal_policy
-
string_decrementExecuteDecrement integer value.
-
string_incrementExecuteIncrement integer value.
-
troubleshoot_cloudformation_deploymentExecutetroubleshoot_cloudformation_deployment
-
validate_cloudformation_templateExecutevalidate_cloudformation_template
-
browser_clickExecutebrowser_click
-
browser_closeExecutebrowser_close
-
browser_fill_formExecutebrowser_fill_form
-
browser_handle_dialogExecutebrowser_handle_dialog
-
browser_press_keyExecutebrowser_press_key
-
browser_resizeExecutebrowser_resize
-
browser_select_optionExecutebrowser_select_option
-
browser_typeExecutebrowser_type
-
connect_to_databaseExecuteConnect to a SQL Server RDS instance and save the connection internally
-
create_agent_runtimeExecutecreate_agent_runtime
-
create_agent_runtime_endpointExecutecreate_agent_runtime_endpoint
-
create_functionExecutecreate_function
-
finch_push_imageExecutefinch_push_image
-
generate_infrastructure_codeExecutegenerate_infrastructure_code
-
manage_aws_athena_databases_and_tablesExecutemanage_aws_athena_databases_and_tables
-
manage_aws_athena_query_executionsExecutemanage_aws_athena_query_executions
-
manage_aws_emr_clustersExecutemanage_aws_emr_clusters
-
manage_aws_emr_ec2_instancesExecutemanage_aws_emr_ec2_instances
-
manage_aws_emr_ec2_stepsExecutemanage_aws_emr_ec2_steps
-
manage_aws_emr_serverless_job_runsExecutemanage_aws_emr_serverless_job_runs
-
manage_aws_glue_jobsExecutemanage_aws_glue_jobs
-
manage_aws_glue_sessionsExecutemanage_aws_glue_sessions
-
manage_aws_glue_statementsExecutemanage_aws_glue_statements
-
schedule_start_applicationExecuteschedule_start_application
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.