High-risk tools in Mobai

High severity Mobai MCP Server 4 of 20 tools

4 of the 20 tools in Mobai are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

debug_step Execute

Advance the target. "in" — step into next call (blocks ~ms, returns {state, breakpoints, stack, frame0_locals}) "over" — step over next call (same shape) "out" — run until...
execute_dsl Execute

Execute a batch of DSL commands on a device. This is the primary tool for all device interaction — tap, type, swipe, observe, launch apps, assertions, web automation, and more. ...
start_bridge Execute

Start the automation bridge on a device. Required before interacting with the device.
stop_bridge Execute

Stop the automation bridge on a device

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Mobai

Tools at high risk

Attacks that target this class

More on Mobai

Let agents act without letting them run wild.