High-risk tools in Specky

High severity Specky MCP Server 3 of 56 tools

3 of the 56 tools in Specky are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

sdd_validate_iac Execute

Generates a validation payload for Terraform MCP (plan/validate) or Azure MCP (template validation). The AI client routes this payload to the appropriate MCP server for execution.
sdd_advance_phase Execute

Validates that the current phase
sdd_setup_local_env Execute

Detects the project tech stack and generates a Docker-based local development environment (Dockerfile + docker-compose.yml). Returns a payload with routing_instructions for Dock...

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Specky

Tools at high risk

Attacks that target this class

More on Specky

Enforce policy on every Specky tool call.