High-risk tools in Cargo

High severity Cargo MCP Server 7 of 12 tools

7 of the 12 tools in Cargo are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

audit Execute 3/5

Runs cargo audit and returns structured vulnerability data.
build Execute 4/5

Runs cargo build and returns structured diagnostics (file, line, code, severity, message).
clippy Execute 3/5

Runs cargo clippy and returns structured lint diagnostics.
doc Execute 3/5

Generates Rust documentation and returns structured output with warning count.
fmt Execute 3/5

Checks or fixes Rust formatting and returns structured output.
run Execute 4/5

Runs a cargo binary and returns structured output (exit code, stdout, stderr).
tree Execute 3/5

Displays the dependency tree for a Rust project.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Cargo

Tools at high risk

Attacks that target this class

More on Cargo

Enforce policy on Cargo