High-risk tools in Linux MCP Server
4 of the 6 tools in Linux MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
confirm_commandExecutePrompt the user to confirm the execution of a previously flagged dangerous command
-
execute_commandExecuteExecute a Linux command on the remote host
-
file_operationsExecutePerform file operations (read, write, append)
-
trafficshaperExecuteManage traffic shaping rules on PE routers using the trafficshaper CLI tool. Supports setting delays, showing rules, deleting rules, and other traffic impairment operations.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.