High-risk tools in QGISMCP

High severity QGISMCP MCP Server 5 of 17 tools

5 of the 17 tools in QGISMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

execute_code Execute

Execute arbitrary PyQGIS code provided as a string.
execute_processing Execute

Execute a processing algorithm with the given parameters.
execute_with_ai Execute

使用AI辅助执行处理算法
process_with_ollama Execute

使用Ollama处理QGIS数据并获取AI响应
zoom_to_layer Execute

Zoom to the extent of a specified layer.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in QGISMCP

Tools at high risk

Attacks that target this class

More on QGISMCP

Enforce policy on every QGISMCP tool call.