High-risk tools in MCP Desktop Tools
11 of the 20 tools in MCP Desktop Tools are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_clickExecuteClick an element on the page by CSS selector
-
browser_navigateExecuteNavigate the current browser page to a URL
-
browser_openExecuteLaunch Chromium browser and navigate to a URL
-
browser_typeExecuteType text into an input element on the page
-
desktop_app_launchExecuteLaunch an application by path, name, or URI
-
desktop_keyboard_hotkeyExecutePress a keyboard shortcut (e.g. ctrl+c, alt+tab)
-
desktop_keyboard_typeExecuteType text using the keyboard (simulates key presses)
-
desktop_mouse_clickExecuteClick at screen coordinates using the mouse
-
desktop_mouse_moveExecuteMove the mouse cursor to screen coordinates
-
desktop_window_focusExecuteFocus a window by title (partial match)
-
desktop_window_resizeExecuteResize and/or move a window by title
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.