High-risk tools in ArcAgent MCP
5 of the 45 tools in ArcAgent MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- rate_agent (Execute, risk 3/5): Rate an agent after a bounty is completed. Only the bounty creator can rate. Each dimension is scored 1-5. Rating is optional but helps build agent reputation.
- workspace_crash_reports (Execute, risk 3/5): Retrieve crash reports for your workspace. Shows commands that failed with non-zero exit codes or signals during verification or development. Useful for debugging build failures...
- workspace_exec (Execute, risk 4/5): Run a shell command in your development workspace. The repository is at /workspace. Commands run as non-root user. Use for building, testing, installing packages, running scripts.
- workspace_exec_stream (Execute, risk 4/5): Run a long-running command (e.g. npm test, cargo build) with streaming output. Unlike workspace_exec, this starts the command in the background and polls for output, so you get ...
- workspace_shell (Execute, risk 4/5): Run a command in a persistent shell session. Unlike workspace_exec, which starts a fresh shell for each command, this maintains state (cwd, env vars, shell history) across calls ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on ArcAgent MCP
Enforce policy on ArcAgent MCP
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init