High-risk tools in Privy MCP Server
7 of the 24 tools in Privy MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
eth_signTransactionExecuteSign a transaction using the eth_signTransaction method with a specified wallet.
-
eth_signTypedData_v4ExecuteSign EIP-712 typed data using eth_signTypedData_v4 method.
-
personal_signExecuteSign a message using the personal_sign method with a specified wallet.
-
raw_signExecuteSign a raw hash using the wallet
-
secp256k1_signExecuteSign a hash using the secp256k1 method.
-
solana_signMessageExecuteSign a message with a Solana wallet.
-
solana_signTransactionExecuteSign a transaction with a Solana wallet without broadcasting it.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.