High-risk tools in Retell AI MCP Server
9 of the 52 tools in Retell AI MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
retell_create_batch_callExecuteSchedule bulk outbound phone calls.
-
retell_create_batch_testExecuteRun automated test scenarios against an agent.
-
retell_create_chat_completionExecuteSend a message in an existing chat session and get the agent
-
retell_create_phone_callExecuteCreate a new outbound phone call using Retell AI. Initiates a call from a registered phone number to a target number using a configured AI agent.
-
retell_create_sms_chatExecuteStart an outbound SMS conversation using a specified chat agent.
-
retell_create_web_callExecuteCreate a new web call session. Returns a call ID and access token for establishing a WebRTC connection.
-
retell_end_chatExecuteEnd an active chat session.
-
retell_publish_agentExecutePublish/deploy the current agent configuration as a new version.
-
retell_register_phone_callExecuteRegister an inbound call from a custom telephony provider.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.