High-risk tools in Magento 2 Development MCP Server

High severity Magento 2 Development MCP Server MCP Server 7 of 29 tools

7 of the 29 tools in Magento 2 Development MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

cache-clean Execute

Clear specific Magento 2 cache types or all caches
sys-cron-run Execute

Run Magento 2 cron jobs
cache-flush Execute

Flush specific Magento 2 cache types or all caches
db-query Execute

Execute SQL queries directly on Magento 2 database
setup-di-compile Execute

Compile Magento 2 dependency injection configuration
setup-static-content-deploy Execute

Deploy Magento 2 static content and assets
setup-upgrade Execute

Run Magento 2 setup upgrade to update database schema and data

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Magento 2 Development MCP Server

Tools at high risk

Attacks that target this class

More on Magento 2 Development MCP Server

Enforce policy on every Magento 2 Development MCP Server tool call.