High-risk tools in Gateway

High severity Gateway MCP Server 2 of 15 tools

2 of the 15 tools in Gateway are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

agon_gateway_auth_call Execute

Generic escape hatch: call any Agon Gateway route, run the configured signer hook on a 402, and retry. For Tokens market-data questions, prefer the higher-level agon_token_quote...
agon_gateway_call_with_headers Execute

Call a Gateway route with caller-supplied auth/payment headers. MCP does not sign, pay, or execute wallet commands. Devnet routes expect devnet-USDC payment headers; mainnet rou...

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Gateway

Tools at high risk

Attacks that target this class

More on Gateway

Let agents act without letting them run wild.