High-risk tools in MCP Android Agent
17 of the 28 tools in MCP Android Agent are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
start_appExecuteLaunch an Android application by its package name with optional wait for the app to appear in foreground
-
stop_all_appsExecuteForce stop all running applications on the device to free up memory and start with a clean slate for testing
-
stop_appExecuteForce stop an Android application by its package name. Useful for closing apps that are misbehaving or for testing app restart scenarios.
-
wait_activityExecuteWait for a specific Android activity to appear on the screen. Useful for navigation verification and app state validation.
-
wait_for_elementExecuteWait for a UI element to appear on the screen. Essential for handling loading screens, animations, and dynamic content.
-
wait_for_screen_onExecuteWait until the device screen is turned on. Useful for asynchronous operations where screen activation is expected.
-
clickExecuteClick on a UI element identified by text, resource ID, or content description. Supports multiple selector types for flexible element targeting.
-
connect_deviceExecuteConnect to an Android device using uiautomator2 and return comprehensive device information. If device_id is not provided, automatically connects to the first available device.
-
dragExecuteDrag a specific UI element to a target location on the screen. Useful for drag-and-drop operations, reordering items, or custom interactions.
-
long_clickExecutePerform a long click (press and hold) on a UI element. Useful for context menus, drag operations, or long press actions.
-
press_keyExecutePress a hardware or software key on the device. Common keys include: home, back, menu, volume_up, volume_down, power, enter, delete
-
screen_offExecuteTurn the device screen off. Useful for testing how apps behave when device goes to sleep.
-
screen_onExecuteTurn the device screen on. Useful when the device has gone to sleep during automated testing.
-
scroll_toExecuteScroll to a specific element on the screen. Automatically finds scrollable containers and scrolls until the target element is visible.
-
send_textExecuteSend text input to the currently focused UI element. Can optionally clear existing text before sending. Perfect for form filling, search boxes, and text fields.
-
swipeExecutePerform a swipe gesture from one coordinate to another. Useful for scrolling, paging, or custom swipe actions.
-
unlock_screenExecuteUnlock the device screen. This will wake the device if it
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.