High-risk tools in Shellgate

High severity Shellgate MCP Server 3 of 31 tools

3 of the 31 tools in Shellgate are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

ssh_exec Execute

Execute a command on an SSH target. If the response has status
api_request Execute

Proxy an HTTP request through the gateway to an upstream API target. If the response has status
blind_type Execute

Type a sensitive vault field value using keyboard events. The target field must be focused. The secret never appears in the agent context.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Shellgate

Tools at high risk

Attacks that target this class

More on Shellgate

Enforce policy on every Shellgate tool call.