High-risk tools in Osmosis MCP Server
12 of the 161 tools in Osmosis MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
acknowledge-packetExecuteAcknowledge receipt of an IBC packet
-
begin-unlockingExecuteBegin unlocking specific locked tokens
-
begin-unlocking-allExecuteBegin unlocking all locked tokens for an account
-
cancel-upgradeExecuteCancel a pending software upgrade
-
prepare-execute-contractExecutePrepares a transaction to execute a contract
-
prepare-instantiate-contractExecutePrepares a transaction to instantiate a new contract
-
prepare-migrate-contractExecutePrepares a transaction to migrate a contract to new code
-
set-before-send-hookExecuteSet a before send hook for a token (admin only)
-
superfluid-undelegateExecuteUndelegate Superfluid staked tokens
-
unlock-and-migrate-superfluid-tokensExecuteUnlock and migrate Superfluid tokens to new validator
-
update-clientExecuteUpdate an IBC light client with new header
-
upgrade-proposalExecuteSubmit a software upgrade proposal
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.