High-risk tools in KiCAD-MCP-Server
5 of the 157 tools in KiCAD-MCP-Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
autorouteExecuteRun Freerouting autorouter on the current PCB. Exports to Specctra DSN, runs Freerouting CLI, and imports the routed SES result. Requires Java 11+ and freerouting.jar (see check...
-
launch_kicad_uiExecuteLaunch KiCAD UI, optionally with a project file
-
run_drcExecuteRun the KiCAD Design Rule Check (DRC) on the current PCB and return violations. Optionally save the report to a file.
-
run_ercExecuteRuns the KiCAD Electrical Rules Check (ERC) on a schematic and returns all violations. Use after wiring to verify the schematic before generating a netlist.
-
refill_zonesExecuteRefill all copper zones on the board. WARNING: SWIG path has known segfault risk (see KNOWN_ISSUES.md). Prefer using IPC backend (KiCAD open) or triggering zone fill via KiCAD U...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.