High-risk tools in Iac
5 of the 12 tools in Iac are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
execute_app_commandExecuteExecute an application command that was loaded via get_app_tools. Use this to invoke app-specific actions like activate, open, close, etc. First call get_app_tools to load the app\
-
iac_mcp_activate_appExecuteBring a macOS application to the front (activate it). **Usage:** Pass the application name. The app will become the frontmost application. **Examples:** - app:
-
iac_mcp_click_elementExecuteClick a UI element identified by a reference from ui_snapshot. **Usage:** 1. First call ui_snapshot to get element references 2. Find the element you want to click 3. Pass its ...
-
iac_mcp_click_menuExecuteClick a menu item in an application by specifying the menu path. **Usage:** Provide the app name and menu path as
-
iac_mcp_send_keystrokeExecuteSend a keystroke to an application with optional modifier keys. **Usage:** Specify the app, key to press, and optional modifiers. **Examples:** - app:
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.