High-risk tools in Playwright MCP
21 of the 32 tools in Playwright MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_navigateExecuteNavigate to a URL
-
browser_navigate_backExecuteGo back to the previous page
-
browser_navigate_forwardExecuteGo forward to the next page
-
browser_tab_newExecuteOpen a new tab
-
browser_waitExecuteWait for a specified time in seconds
-
browser_clickExecutePerform click on a web page
-
browser_dragExecutePerform drag and drop between two elements
-
browser_file_uploadExecuteUpload one or multiple files
-
browser_handle_dialogExecuteHandle a dialog
-
browser_hoverExecuteHover over element on page
-
browser_installExecuteInstall the browser specified in the config. Call this if you get an error about the browser not being installed.
-
browser_press_keyExecutePress a key on the keyboard
-
browser_resizeExecuteResize the browser window
-
browser_screen_clickExecuteClick left mouse button
-
browser_screen_dragExecuteDrag left mouse button
-
browser_screen_move_mouseExecuteMove mouse to a given position
-
browser_screen_typeExecuteType text
-
browser_select_optionExecuteSelect an option in a dropdown
-
browser_tab_selectExecuteSelect a tab by index
-
browser_typeExecuteType text into editable element
-
browser_video_enableExecute브라우저 세션의 비디오 녹화 기능을 활성화합니다
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.