High-risk tools in Mealie MCP Server
14 of the 243 tools in Mealie MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
clean_admin_imagesExecuteRun admin image cleanup.
-
clean_admin_recipe_foldersExecuteRun admin recipe folder cleanup.
-
clean_admin_tempExecuteRun admin temporary file cleanup.
-
debug_admin_openaiExecuteRun Mealie's admin OpenAI debug endpoint.
-
download_urlExecuteDownload a URL through Mealie's utility download endpoint.
-
parse_ingredientExecuteParse one ingredient line using Mealie's parser endpoint.
-
parse_ingredientsExecuteParse multiple ingredient lines using Mealie's parser endpoint.
-
rerun_household_webhooksExecuteRerun household webhooks with a Mealie-native payload.
-
seed_group_foodsExecuteRun the group foods seeder using a Mealie-native payload.
-
seed_group_labelsExecuteRun the group labels seeder using a Mealie-native payload.
-
seed_group_unitsExecuteRun the group units seeder using a Mealie-native payload.
-
test_household_notificationExecuteTrigger a test for one household event notification.
-
test_household_webhookExecuteTrigger a test for one household webhook.
-
trigger_recipe_actionExecuteTrigger one household recipe action for a recipe slug.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.