High-risk tools in SeleniumMCP
15 of the 26 tools in SeleniumMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_resetExecuteRestart the Selenium browser session.
-
browser_startExecuteStart a Selenium browser session if one is not already running.
-
browser_stopExecuteStop the current Selenium browser session.
-
clickExecuteClick an element located by CSS selector, XPath, id, name, text, tag, or class.
-
execute_scriptExecuteExecute JavaScript in the active page and return the JSON-serializable result.
-
go_backExecuteNavigate one step back in browser history.
-
go_forwardExecuteNavigate one step forward in browser history.
-
navigateExecuteNavigate the browser to an http, https, or allowed file URL.
-
open_new_tabExecuteOpen a new browser tab and optionally navigate it to a URL.
-
refreshExecuteRefresh the current page.
-
scrollExecuteScroll the current page by the given x and y offsets.
-
set_window_sizeExecuteSet the browser window size.
-
switch_windowExecuteSwitch to a browser window or tab by Selenium window handle.
-
type_textExecuteType text into an element, optionally clearing it first.
-
wait_for_elementExecuteWait until an element exists, or until it is visible when requested.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.