High-risk tools in Interactive Api Playground

High severity Interactive Api Playground MCP Server 3 of 5 tools

3 of the 5 tools in Interactive Api Playground are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

api_executor Execute

Execute a live HTTP request to an external URL. Returns real status, headers, and response body. Private IPs are blocked.
code_generator Execute

Generate a ready-to-run code snippet for an HTTP request in javascript, typescript, python, curl, go, ruby, php, or java.
history_tracker Execute

Get invocation history for a tool within the current Worker instance. Resets on cold start.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Interactive Api Playground

Tools at high risk

Attacks that target this class

More on Interactive Api Playground

Let agents act without letting them run wild.