High-risk tools in Terminal

High severity Terminal MCP Server 8 of 15 tools

8 of the 15 tools in Terminal are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

terminal_diff Execute 3/5

Run two commands and return a unified diff.
terminal_exec Execute 4/5

Execute a command in a terminal session and wait for it to finish.
terminal_retry Execute 3/5

Retry a command with backoff.
terminal_run Execute 5/5

Run a binary directly; avoid shell quoting.
terminal_run_paged Execute 4/5

Run a read-only command and return one page of output.
terminal_start Execute 4/5

Start a new interactive terminal session.
terminal_stop Execute 3/5

Stop and clean up a terminal session.
terminal_wait Execute 3/5

Wait for a pattern to appear in terminal output.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Terminal

Tools at high risk

Attacks that target this class

More on Terminal

Enforce policy on Terminal