High-risk tools in ADB MCP Server
9 of the 20 tools in ADB MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
adb_app_launchExecuteLaunch an app by package name. Optionally specify an activity.
-
adb_app_stopExecuteForce-stop an app by package name.
-
adb_keyeventExecuteSend a safe key event (HOME, BACK, ENTER, etc.). Allowed: navigation, editing, media, alphanumeric keys.
-
adb_shellExecuteExecute an Android shell command. ⚠️ Requires confirm=true.
-
adb_swipeExecuteSwipe from (x1,y1) to (x2,y2) with optional duration (ms).
-
adb_tapExecuteTap screen at pixel coordinates (x, y).
-
adb_tap_textExecuteFind UI element by text/ID/content-desc and tap its center. Regex partial match.
-
adb_termux_execExecuteExecute a command in Termux bash. ⚠️ Requires confirm=true.
-
adb_textExecuteType text into focused input. ASCII via key injection, Unicode via clipboard paste (Android 10+).
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.