High-risk tools in Docker

High severity Docker MCP Server 9 of 56 tools

9 of the 56 tools in Docker are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

docker_compose_build Execute 3/5

Build Docker Compose services
docker_compose_restart Execute 3/5

Restart Docker Compose services
docker_compose_start Execute 3/5

Start Docker Compose services
docker_compose_stop Execute 3/5

Stop Docker Compose services
docker_compose_up Execute 3/5

Start Docker Compose services
docker_exec Execute 4/5

Execute a command in a running container
docker_restart_container Execute 3/5

Restart a container
docker_start_container Execute 3/5

Start a stopped container
docker_stop_container Execute 3/5

Stop a running container

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Docker

Tools at high risk

Attacks that target this class

More on Docker

Enforce policy on Docker