High-risk tools in JS Reverse Strong MCP
27 of the 85 tools in JS Reverse Strong MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- evaluate_on_callframe (Execute): Evaluates a JavaScript expression in the context of a specific call frame while paused. This allows you to inspect variables and execute code in the paused scope.
- inject_preload_script (Execute): Register a JavaScript snippet that will run on future document loads before page scripts execute. Use this for preload hooks, environment patches, and early instrumentation.
- navigate_page (Execute): Navigates the currently selected page to a URL, or performs back/forward/reload navigation. Waits for DOMContentLoaded event (not full page load). Default timeout is 10 seconds.
- new_page (Execute): Creates a new page and navigates to the specified URL. Waits for DOMContentLoaded event (not full page load). Default timeout is 10 seconds.
- stop_monitor (Execute): Stops an event monitor.
- wait_for_element (Execute): Wait for selector to appear.
- analyze_target (Execute): One-shot reverse workflow: collect code, run security/crypto analysis, optional deobfuscation, and hook timeline correlation.
- break_on_xhr (Execute): Sets a breakpoint that triggers when an XHR/Fetch request URL contains the specified string.
- evaluate_script (Execute): Evaluate a JavaScript function inside the currently selected page. Returns the response as JSON, so returned values have to be JSON-serializable.
- hook_function (Execute): RECOMMENDED for reverse engineering: Hooks a JavaScript function to log its calls, arguments, and return values without pausing execution. More reliable than breakpoints for aut...
- inject_hook (Execute): Inject an existing hook into the current page.
- inject_stealth (Execute): Inject anti-detection stealth scripts to current page.
- pause (Execute): Pauses JavaScript execution at the current point. Use this to interrupt running code.
- step_into (Execute): Steps into the next function call. Use this to enter and debug function bodies.
- step_out (Execute): Steps out of the current function, continuing until the function returns. Use this to quickly exit a function.
- step_over (Execute): Steps over to the next statement, treating function calls as a single step. Use this to move through code without entering function bodies.
- trace_function (Execute): Traces calls to a function by its name in the source code. Works for ANY function including module-internal functions (webpack/rollup bundled). Uses
- unhook_function (Execute): Removes a previously installed function hook.
- click_element (Execute): Click an element by selector.
- create_hook (Execute): RECOMMENDED: Create hook script for function/fetch/xhr/property/cookie/websocket/eval/timer. Hooks run without pausing page execution and are the preferred approach over breakpo...
- restore_session_state (Execute): Restore a previously saved session snapshot to current page.
- resume (Execute): Resumes JavaScript execution after being paused at a breakpoint. Execution continues until the next breakpoint or completion.
- select_frame (Execute): Selects a frame (by index from list_frames) as the execution context for evaluate_script, hook_function, inspect_object, and other tools that run JavaScript in the page.
- select_page (Execute): Select a page as a context for future tool calls.
- set_breakpoint (Execute): Sets a breakpoint in a JavaScript file at the specified line. The breakpoint will trigger when the code executes. NOTE: Prefer hook_function or create_hook for monitoring functi...
- set_breakpoint_on_text (Execute): Sets a breakpoint on specific code (function name, statement, etc.) by searching for it and automatically determining the exact position. Works with both normal and minified fil...
- type_text (Execute): Type text into an input element.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.