High-risk tools in Mcp Dev
6 of the 412 tools in Mcp Dev are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
execute-health-check-actionExecuteExecutes remedial actions for health issues. WARNING: This performs system remedial actions that may modify system configuration, files, or database content. Use with caution.
-
post-indexer-by-index-name-rebuildExecuteRebuilds a specific index by name. This operation will trigger a full rebuild of the index, which may take some time depending on the amount of content. Use this only when a...
-
post-models-builder-buildExecuteTriggers the generation/build of Models Builder models. This endpoint initiates the process of generating strongly-typed models from Umbraco content types. The operation run...
-
publish-documentExecutePublishes a document by Id. IMPORTANT: If workflow approval is required, use the initiate-workflow-action function instead. This function bypasses approval workflows and publi...
-
publish-elementExecutePublishes an element by Id. IMPORTANT: If workflow approval is required, use the initiate-workflow-action function instead. This function bypasses approval workflows and publi...
-
run-health-check-groupExecuteExecutes health checks for a specific group. WARNING: This will run system diagnostics which may take time and could temporarily affect system performance.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.