High-risk tools in Fleet

High severity Fleet MCP Server 10 of 132 tools

10 of the 132 tools in Fleet are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

fleet_install_software Execute 5/5

Install software on a specific host
fleet_lock_device Execute 5/5

Lock an MDM-enrolled device remotely
fleet_lock_host Execute 5/5

Lock a host device remotely
fleet_query_host Execute 4/5

Run an ad-hoc live query against a specific host
fleet_query_host_by_identifier Execute 4/5

Run a live query by hostname, UUID, or serial
fleet_refetch_host Execute 3/5

Force a host to refetch and update its data
fleet_run_batch_script Execute 5/5

Run a script on multiple hosts simultaneously
fleet_run_live_query_with_results Execute 5/5

Execute a live query and collect results from hosts
fleet_run_saved_query Execute 4/5

Run a saved query against hosts
fleet_run_script Execute 5/5

Run a script on a specific host

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Fleet

Tools at high risk

Attacks that target this class

More on Fleet

Enforce policy on Fleet