High-risk tools in Mcp Desktop
9 of the 14 tools in Mcp Desktop are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
clickExecuteLeft-click at the given screen coordinates. Pass verify_app to confirm the right app is frontmost before clicking.
-
double_clickExecuteDouble-click at the given screen coordinates. Pass verify_app to confirm the right app is frontmost before clicking.
-
key_pressExecutePress a key or key combination. Examples:
-
right_clickExecuteRight-click (secondary click) at the given screen coordinates. Pass verify_app to confirm the right app is frontmost before clicking.
-
scrollExecuteScroll at the given screen coordinates. Pass verify_app to confirm the right app is frontmost first.
-
switch_appExecuteBring an application to the foreground.
-
switch_tabExecuteSwitch to a tab in a browser or terminal. Matches by URL substring, then title substring, then index.
-
triple_clickExecuteTriple-click at the given screen coordinates. Selects all text in the clicked input field — the mouse-native alternative to cmd+a for web inputs.
-
type_textExecuteType a string of text as keyboard input into the currently focused element. Pass verify_app to confirm the right app is frontmost before typing.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.