High-risk tools in Mcp Browser
6 of the 8 tools in Mcp Browser are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_clickExecuteClick on an element in the browser. Can target by CSS selector, text content, or ARIA label.
-
browser_evaluateExecuteExecute JavaScript in the browser and return the result. Useful for complex extractions.
-
browser_navigateExecuteNavigate the browser to a URL. Returns the page title and current URL after navigation.
-
browser_scrollExecuteScroll the page or an element.
-
browser_typeExecuteType text into an input field or textarea.
-
browser_waitExecuteWait for an element to appear on the page.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.