High-risk tools in Browserbeam MCP Server
10 of the 19 tools in Browserbeam MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browserbeam_checkExecuteCheck or uncheck a checkbox or radio button.
-
browserbeam_clickExecuteClick an element on the page. Use ref (e.g.
-
browserbeam_create_sessionExecuteCreate a new browser session. Optionally navigate to a URL. The response already includes page markdown and interactive element refs -- use this as your first observation instea...
-
browserbeam_execute_jsExecuteRun custom JavaScript in the browser page context. Use
-
browserbeam_fillExecuteFill a form field or type into an input. Can fill a single field or an entire form at once.
-
browserbeam_navigateExecuteNavigate an existing session to a new URL. The response already includes page markdown and interactive element refs -- use this as your observation instead of calling observe ag...
-
browserbeam_scrollExecuteScroll the page by direction, to top/bottom, or scroll an element into view.
-
browserbeam_selectExecuteSelect an option from a <select> dropdown by its value.
-
browserbeam_typeExecuteType text character-by-character into an input. Fires real keyboard events for each character. Use for autocomplete, search-as-you-type, or inputs that need keystroke events. Do...
-
browserbeam_waitExecuteWait for a condition before continuing. Provide exactly one of: ms, selector, text, or until.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.