High-risk tools in Unified MCP Server
7 of the 39 tools in Unified MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
code_completeExecute智能补全未完成的代码,根据上下文和代码意图生成后续代码。适用于函数补全、逻辑补全等场景。
-
code_generateExecute根据自然语言描述生成Python或JavaScript代码。支持生成函数、类、组件等各种代码结构,可指定代码风格。
-
code_tddExecute以测试驱动开发(TDD)专家的身份,指导开发流程。确保先写测试后写实现,并覆盖所有边界情况和异常路径。
-
ollama_chat_completionExecuteOpenAI-compatible chat completion API
-
ollama_runExecuteRun a model
-
ollama_serveExecuteStart Ollama server
-
poetry_generateExecute根据主题、风格和长度生成中国古典诗词。可以生成唐诗、宋词、元曲等不同风格的诗词。
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.