High-risk tools in Mcp Oceanbase
18 of the 134 tools in Mcp Oceanbase are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
execute_cluster_sqlExecute在集群指定租户下执行SQL查询,支持各种常见SQL查询语句,如SELECT、SHOW TABLES、SHOW COLUMNS等 Args: query: SQL查询语句 cluster_name: 集群名称,如果提供则会重新配置连接 tenant_name: 租户名称,如果提供则会重新配置连接 ...
-
execute_sqlExecuteExecute an SQL on the OceanBase server.
-
obdiag_display_runExecuteobdiag 集群信息查询功能,执行获取的指令列表,需要功能来自obdiag_display_list的返回结果。只需要返回obdiag_display_list结果 :param scene: 指令名,来自obdiag_display_list的返回结果,如 'obdiag display scene run --scene=observer...
-
run_oceanbase_inspectionExecuteRun inspection This interface is used to initiate inspection for specified objects with a specific scenario. The caller must be authenticated through OCP application se...
-
scale_clusterExecutescale_cluster
-
scale_tenantExecutescale_tenant
-
call_obshell_sdkExecutecall_obshell_sdk
-
obdiag_check_runExecute巡检集群,并返回巡检报告 :param cluster_name: 集群配置文件名前缀,可选。如 ob_test 表示使用 ~/.obdiag/ob_test.yml。不传则使用默认 config.yml :return: 指令执行的输出结果
-
pause_backup_policyExecutepause_backup_policy
-
replay_tenant_logExecutereplay_tenant_log
-
switchover_tenantExecuteswitchover_tenant
-
upgrade_clusterExecuteupgrade_cluster
-
upgrade_tenantExecuteupgrade_tenant
-
activate_tenantExecuteactivate_tenant
-
install_componentExecute安装OceanBase组件, 目前支持ob-operator,ob-dashboard, local-path-provisioner,cert-manager,不支持其他组件, 如果未指定,默认将安装ob-operator和 ob-dashboard Args: component_name: 组件名称 ...
-
install_ob_operatorExecute安装ob-operator
-
install_okctlExecute安装okctl
-
update_componentExecute更新OceanBase组件, 目前支持ob-operator,ob-dashboard, local-path-provisioner,cert-manager,不支持其他组件, 如果未指定,默认将更新ob-operator和 ob-dashboard Args: component_name: 组件名称
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.