High-risk tools in Playwright

High severity Playwright MCP Server 17 of 25 tools

17 of the 25 tools in Playwright are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

browser_click Execute

Click an element on a web page
browser_close Execute

Close the browser instance
browser_drag Execute

Drag an element to another location
browser_file_upload Execute

Upload a local file to a web page
browser_handle_dialog Execute

Handle a browser dialog
browser_hover Execute

Hover over an element on the page
browser_install Execute

Install the browser binary
browser_navigate Execute

Navigate to a URL in the browser
browser_navigate_back Execute

Navigate back in browser history
browser_navigate_forward Execute

Navigate forward in browser history
browser_press_key Execute

Press a keyboard key or combination
browser_resize Execute

Resize the browser window
browser_select_option Execute

Select an option from a dropdown
browser_tab_close Execute

Close a specific browser tab
browser_tab_new Execute

Open a new browser tab
browser_tab_select Execute

Switch to a specific browser tab
browser_type Execute

Type text into an input field

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Playwright

Tools at high risk

Attacks that target this class

More on Playwright

Let agents act without letting them run wild.