High-risk tools in Speech MCP
5 of the 7 tools in Speech MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- launch_ui (Execute): Launch the speech UI. This will start the speech UI window that shows the microphone status and speech visualization. The UI is required for visual feedback during ...
- narrate_conversation (Execute): narrate_conversation
- reply (Execute): Speak the provided text and optionally listen for a response. This will speak the given text and then immediately start listening for user input if wait_for_respons...
- start_conversation (Execute): Start a voice conversation by beginning to listen. This will initialize the speech recognition system and immediately start listening for user input. Returns: ...
- close_ui (Execute): Close the speech UI window. This will gracefully shut down the speech UI window if it's currently running. Use this when you're done with voice interaction to clean...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.