← High-risk tools

High-risk tools in Phantom

15 of the 24 tools in Phantom are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

More on Phantom

Enforce policy on every Phantom tool call.

Deterministic rules across all 15 Phantom tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.