High-risk tools in Cloudera Data Visualization MCP Server
8 of the 66 tools in Cloudera Data Visualization MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
query_dataapiExecutequery_dataapi
-
reset_dataconnection_cacheExecuteReset the query result cache for a specific CDV data connection. Requires ds_manage permission.
-
run_extractExecuteRun one or more CDV data extract jobs by their comma-separated IDs.
-
run_jobExecuteTrigger a rerun of one or more CDV scheduled jobs.
-
set_gc_monitorExecuteEnable or disable GC monitoring on the CDV server.
-
set_gc_statsExecuteSet GC debug flags on the CDV server. Requires sys_viewlogs permission.
-
set_logger_levelExecuteSet the log level for a specific named logger. Requires sys_viewlogs permission.
-
toggle_cprofileExecuteToggle cProfile profiling on/off for a CDV server function. Requires sys_viewlogs permission.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.