High-risk tools in Structured Workflow MCP
4 of the 20 tools in Structured Workflow MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- build_custom_workflow (Execute): Build a custom workflow with full control over phases and configuration. Use specific workflow tools (refactor_workflow, create_feature_workflow, etc.) for optimized presets.
- refactor_workflow (Execute): Start a structured refactoring workflow to improve existing code without changing functionality
- tdd_workflow (Execute): Start a Test-Driven Development workflow with Red-Green-Refactor cycles
- test_guidance (Execute): Get MANDATORY guidance for the TEST phase - execute tests and validate functionality after refactoring
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.