High-risk tools in IndexFoundry MCP
8 of the 46 tools in IndexFoundry MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
indexfoundry_connect_sitemapExecuteCrawl a sitemap XML file and fetch all linked pages. Supports URL pattern filtering, concurrent fetching, and depth limits.
-
indexfoundry_index_embedExecuteGenerate vector embeddings for chunks using OpenAI or local models. Batch processing with retry logic and rate limiting.
-
indexfoundry_project_buildExecute⚙️ [STEP 3/5: BUILD] Process pending sources into searchable chunks. PREREQUISITES: - project_create must have been run - project_add_source must have added at least one source...
-
indexfoundry_project_deployExecute☁️ Deploy a project to Railway (production deployment). PREREQUISITES: - project_export must have generated deployment files - Railway CLI must be installed and authenticated -...
-
indexfoundry_project_serveExecute🚀 [STEP 5/5: SERVE] Start a local development server for testing a project. PREREQUISITES: - project_create must have been run - project_add_source must have added at least on...
-
indexfoundry_project_serve_stopExecute🛑 Stop a running project development server. USE WHEN: You need to stop a server started with project_serve WHAT THIS DOES: 1. Sends SIGTERM for graceful shutdown 2. Waits 2 ...
-
indexfoundry_serve_startExecuteStart an HTTP search API server for a run. Loads vectors and chunks into memory, serves semantic/hybrid/keyword search endpoints.
-
indexfoundry_serve_stopExecuteStop a running search API server for a run. Returns server uptime and request count.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.