High-risk tools in Infor Birst MCP Server
5 of the 46 tools in Infor Birst MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
birst_execute_queryExecuteExecute a BQL query and return the results. Use after generating BQL or with known queries.
-
birst_generate_bqlExecuteConvert natural language queries to BQL (Birst Query Language). Use this to translate user questions about data into executable queries.
-
birst_job_actionExecutePerform an action on a job, such as canceling a running job or clearing job status.
-
birst_run_workflowExecuteTrigger a workflow to run immediately. Returns the run ID for status monitoring.
-
birst_space_actionExecutePerform administrative actions on a Birst space such as replication, publishing, cache clearing, and index rebuilding.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.