High-risk tools in Nmap MCP Server
11 of the 11 tools in Nmap MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
nmap_basic_scanExecutePerform a basic Nmap scan of specified targets
-
nmap_comprehensive_scanExecutePerform comprehensive scan with all detection methods
-
nmap_custom_scanExecutePerform custom Nmap scan with user-defined options
-
nmap_network_discoveryExecuteDiscover hosts and services on a network
-
nmap_os_detectionExecutePerform operating system detection scan
-
nmap_ping_scanExecutePerform ping scan to discover live hosts
-
nmap_port_scanExecuteScan specific ports on target hosts
-
nmap_script_scanExecuteRun NSE (Nmap Scripting Engine) scripts
-
nmap_service_detectionExecutePerform service and version detection scan
-
nmap_stealth_scanExecutePerform stealth scan (SYN scan) with minimal detection
-
nmap_vulnerability_scanExecuteRun vulnerability detection scripts
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.