High-risk tools in GoHighLevel MCP Server
14 of the 566 tools in GoHighLevel MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
ghl_deploy_agentExecuteDeploy an agent from staging to production.
-
ghl_trigger_workflowExecuteManually trigger a workflow for a specific contact. Useful for testing workflows or manually enrolling contacts.
-
start_campaignExecuteStart/launch a campaign
-
start_social_oauthExecuteStart OAuth process for social media platform
-
ghl_verify_email_domainExecuteTrigger DNS verification check for an email sending domain. Returns whether DKIM, SPF, and DMARC records are correctly configured.
-
retry_webhookExecuteRetry a failed webhook delivery
-
test_triggerExecuteTest a trigger with sample data
-
test_webhookExecuteSend a test event to a webhook
-
add_contact_to_workflowExecuteAdd contact to a workflow
-
ghl_publish_workflowExecutePublish a draft workflow, making it active and able to be triggered.
-
live_chat_typingExecuteSend typing indicator for live chat conversations
-
resume_campaignExecuteResume a paused campaign
-
schedule_email_campaign_v2ExecuteSchedule or start an Email Campaign V2 campaign. The campaign must be in draft, cancelled, or paused status.
-
send_smsExecuteSend an SMS message to a contact in GoHighLevel
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.