High-risk tools in Gitlab

High severity Gitlab MCP Server 9 of 190 tools

9 of the 190 tools in Gitlab are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

gitlab_cancel_pipeline Execute

Cancel a running pipeline.
gitlab_cancel_pipeline_job Execute

Cancel one running job.
gitlab_execute_graphql Execute

Backward-compatible GraphQL executor. Mutation payloads still honor read-only policy.
gitlab_execute_graphql_mutation Execute

Execute GraphQL mutation (disabled in read-only mode).
gitlab_play_pipeline_job Execute

Play a manual job.
gitlab_retry_pipeline Execute

Retry failed jobs in pipeline.
gitlab_retry_pipeline_job Execute

Retry one failed job.
gitlab_create_pipeline Execute

Trigger a new pipeline.
gitlab_merge_merge_request Execute

Merge an existing merge request.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Gitlab

Tools at high risk

Attacks that target this class

More on Gitlab

Enforce policy on every Gitlab tool call.