High-risk tools in PlugLayer MCP Server
10 of the 61 tools in PlugLayer MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
deploy_composeExecuteAnalyze docker-compose.yml, split it into separate deploy units, provision known databases through Data Layer, and deploy the remaining services as separate apps. If any service...
-
deploy_imageExecutedeploy_image
-
deploy_marketplace_templateExecuteDeploy a marketplace template into an existing project or a brand-new project created during the same flow. Secret-like required env vars are auto-resolved here before the deplo...
-
exec_app_terminalExecuteRun a shell command inside the user's own deployed app container and return the result. Uses a fixed 360-second backend timeout. Keep input at or below 10,000 characters and abo...
-
redeployExecuteRedeploy an existing app without changing its current slug. Confirm the exact app name with the user first and pass it here. Default to `recreate` to minimize temporary live com...
-
restart_appExecuteRestart an app by queueing a redeploy. Default to `recreate` to optimize compute usage; use `rolling` only when lower downtime matters more than temporary headroom.
-
restart_databaseExecuteRestart a provisioned database by queueing its redeploy/restart flow.
-
sync_database_env_to_appExecuteUpdate one deployed app's env vars using a provisioned database's concrete connection details, then restart the existing app.
-
upload_image_archive_and_deployExecuteUpload a locally built Docker/OCI image archive to PlugLayer. If the target app already exists in the project, upload to that app first and redeploy it; otherwise create a new a...
-
upload_image_archive_and_redeploy_appExecuteRebuild flow for existing apps: upload a newly built image archive, push it with a new tag, keep the current slug, and redeploy the existing app.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.