High-risk tools in CHAI pentest tool

High severity CHAI pentest tool MCP Server 10 of 16 tools

10 of the 16 tools in CHAI pentest tool are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

emergency_stop Execute

Emergency stop all processes for a session.
execute_command Execute

Execute a custom command with safety validation.
run_autonomous_scan_tool Execute

Run fully autonomous penetration test.
run_plugin Execute

Run a loaded plugin.
run_recon Execute

Run reconnaissance tools.
scan_vulnerabilities Execute

Run vulnerability scanning.
test_authentication Execute

Run authentication tests.
test_injection Execute

Run injection vulnerability tests.
test_network Execute

Run network security tests.
generate_poc Execute

Generate proof of concept for a finding.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in CHAI pentest tool

Tools at high risk

Attacks that target this class

More on CHAI pentest tool

Enforce policy on every CHAI pentest tool tool call.