High-risk tools in Azure AI Agent Service MCP Server
7 of the 28 tools in Azure AI Agent Service MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- deploy_model_on_ai_services (Execute)
- execute_dynamic_swagger_action (Execute): Execute a dynamically generated tool from the Swagger specification. Args: tool_name: Name of the tool (operation ID); **params: Parameters for the API c...
- run_agent_eval (Execute): Run agent evaluation on agent data. Accepts both plain text and JSON strings. Parameters: evaluator_name: Name of the agent evaluator to use (intent_resolution, tool_...
- run_text_eval (Execute)
- agent_query_and_evaluate (Execute): Query an agent and evaluate its response in a single operation. Parameters: agent_id: ID of the agent to query; query: Text query to send to the agent; eval...
- query_default_agent (Execute): Send a query to the default configured Azure AI Agent. Parameters: query: Text query to send to the default agent. Returns a dict with the agent's response and th...
- connect_agent (Execute): Connect to a specific Azure AI Agent and run a query. Parameters: agent_id: ID of the agent to connect to; query: Text query to send to the agent. Returns a ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.