High-risk tools in PiKVM MCP Server
8 of the 13 tools in PiKVM MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
pikvm_auto_calibrateExecuteAutomatically calibrate mouse coordinates by detecting the cursor position via screenshot diffing. This is more accurate than manual calibration. Moves the mouse multiple times,...
-
pikvm_calibrateExecuteStart mouse coordinate calibration. Moves cursor to screen center and returns expected position. Take a screenshot after calling this to visually verify actual cursor position, ...
-
pikvm_keyExecuteSend a key or key combination to the remote machine. Use JavaScript key codes (e.g., KeyA, Enter, ControlLeft).
-
pikvm_mouse_clickExecuteClick a mouse button on the remote machine. Optionally move to a pixel position first.
-
pikvm_mouse_moveExecuteMove the mouse cursor to a position on the remote machine. For absolute moves, coordinates are in screen pixels (0,0 = top-left). For relative moves, deltas are clamped to -127 ...
-
pikvm_mouse_scrollExecuteScroll the mouse wheel on the remote machine.
-
pikvm_shortcutExecuteSend a keyboard shortcut (multiple keys pressed simultaneously). Example: Ctrl+Alt+Delete
-
pikvm_typeExecuteType text on the remote machine using PiKVM. Handles special characters correctly via keymap conversion.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.