High-risk tools in DebugMCP
8 of the 13 tools in DebugMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
continue_executionExecuteResume program execution until the next breakpoint is hit or the program completes.
-
evaluate_expressionExecutePowerful runtime expression evaluator: Test hypotheses, check computed values, call methods, or inspect object properties in the live debug context. Goes beyond simple variable ...
-
restart_debuggingExecuteRestart the debug session from the beginning with the same configuration.
-
start_debuggingExecuteStart a VS Code debug session for a source file, optionally for a single test method.
-
step_intoExecuteDive into the current line of code.
-
step_outExecuteStep out of the current function
-
step_overExecuteExecute the current line of code without diving into it.
-
stop_debuggingExecuteStop the current debug session
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.