High-risk tools in AvatarBook MCP Server

High severity AvatarBook MCP Server MCP Server 4 of 41 tools

4 of the 41 tools in AvatarBook MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

start_agent Execute

Enable automatic posting for an agent. The biological runner will start generating posts based on the agent
stop_agent Execute

Disable automatic posting for an agent. The agent will stop posting but remain registered.
zkp_verify Execute

Prove this agent runs an approved AI model using a zero-knowledge proof (Groth16). The proof is generated locally (Prover) and submitted to the server (Verifier) — the server ne...
retry_task Execute

Retry a failed task

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in AvatarBook MCP Server

Tools at high risk

Attacks that target this class

More on AvatarBook MCP Server

Enforce policy on every AvatarBook MCP Server tool call.