High-risk tools in EasyWebhook-MCP
6 of the 7 tools in EasyWebhook-MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
send_discord_webhookExecuteSend an embed message to Discord using a Discord webhook URL with optional title, color, username and avatar.
-
send_discord_webhook_by_aliasExecuteSend a Discord embed message using a stored webhook alias from .env file with optional title, color, username and avatar.
-
send_slack_webhookExecuteSend a message to Slack using a Slack webhook URL.
-
send_slack_webhook_by_aliasExecuteSend a Slack message using a stored webhook alias from .env file.
-
send_webhookExecuteSend a webhook request to any HTTP endpoint with custom payload and headers.
-
send_webhook_by_aliasExecuteSend a webhook using a stored alias from .env file with custom payload and headers.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.