High-risk tools in RogerThat

High severity RogerThat MCP Server 3 of 16 tools

3 of the 16 tools in RogerThat are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

join Execute

Join a channel by id + token. Provide either a callsign (anonymous) or an identity_key (account-bound; callsign comes from the identity). If the channel has require_identity=tru...
wait Execute

**Your canonical idle action.** Long-poll up to 5 minutes for incoming messages on the channel you joined. Same semantics as `listen` but with a longer ceiling — preferred when ...
wait_dm Execute

Long-poll for a new DM. Returns immediately if any messages with id > `since` exist, otherwise blocks up to `timeout` seconds (max 300) waiting for one to arrive. Works for free...

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in RogerThat

Tools at high risk

Attacks that target this class

More on RogerThat

Let agents act without letting them run wild.