High-risk tools in WebScout MCP
8 of the 14 tools in WebScout MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
click_elementExecuteClick a button, link, or any interactive element on the page. Useful for navigating through multi-step interfaces, opening chat modals, starting new conversations, or triggering...
-
fill_formExecuteFill out one or multiple form fields in sequence, perfect for login forms, registration, search inputs, or any text entry. Supports pressing Enter after each field and clicking ...
-
initialize_sessionExecuteCreate a persistent browser session for step-by-step reverse engineering of complex chat interfaces. Use this when the chat requires login, multi-step navigation, or manual inte...
-
navigate_to_urlExecuteNavigate to a different URL within the same browser session. Maintains all cookies, authentication state, and session data. Useful for moving between different sections of a web...
-
reverse_engineer_chatExecuteAutomatically reverse engineer a chat interface by navigating to the URL, sending a test message, and capturing all network traffic to identify streaming API endpoints. Returns ...
-
start_network_captureExecuteStart capturing network traffic on the current browser session. Monitors all HTTP requests and responses, WebSocket frames, and streaming data. Can filter by POST requests only,...
-
switch_tabExecuteSwitch the active browser tab when multiple tabs are open in the session. Common scenario: clicking a link that opens a chat in a new tab requires switching to that tab to inter...
-
wait_for_elementExecuteWait for a specific element to appear on the page before continuing. Essential for handling dynamic content that loads asynchronously, page transitions, or elements that appear ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.