High-risk tools in UI Bridge MCP
50 of the 149 tools in UI Bridge MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
sdk_ai_executeExecutesdk_ai_execute
-
sdk_blurExecuteRemove focus from an element in the SDK app.
-
sdk_change_buffer_disableExecuteDisable change buffering.
-
sdk_change_buffer_enableExecuteEnable change buffering. All diffs are accumulated until drained.
-
sdk_clickExecutesdk_click
-
sdk_double_clickExecuteDouble-click an element in the SDK app.
-
sdk_dragExecuteDrag an element to a target in the SDK app.
-
sdk_execute_with_diffExecuteExecute an element action and capture what changed in the UI. Returns before/after diff with categorization.
-
sdk_focusExecuteFocus an element in the SDK app.
-
sdk_hoverExecuteHover over an element in the SDK app.
-
sdk_media_audit_performanceExecutesdk_media_audit_performance
-
sdk_page_go_backExecutesdk_page_go_back
-
sdk_page_go_forwardExecutesdk_page_go_forward
-
sdk_page_navigateExecutesdk_page_navigate
-
sdk_page_refreshExecutesdk_page_refresh
-
sdk_redoExecuteExecute redo in the connected SDK app. Uses the app
-
sdk_right_clickExecuteRight-click an element in the SDK app.
-
sdk_scrollExecuteScroll within an element in the SDK app.
-
sdk_selectExecuteSelect an option in a dropdown in the SDK app.
-
sdk_submitExecuteSubmit the form containing the element in the SDK app.
-
sdk_toggleExecuteToggle a checkbox in the SDK app.
-
sdk_typeExecutesdk_type
-
sdk_undoExecuteExecute undo in the connected SDK app. Uses the app
-
sdk_wait_for_changeExecuteWait for the UI to change matching a predicate. Polls until a matching change is detected or timeout.
-
sdk_wait_for_network_requestExecutesdk_wait_for_network_request
-
ui_blurExecuteRemove focus from an element in the runner
-
ui_change_buffer_drainExecuteDrain the change buffer in the runner
-
ui_checkExecuteCheck a checkbox element in the runner
-
ui_clickExecuteui_click
-
ui_double_clickExecuteDouble-click an element in the runner
-
ui_dragExecuteui_drag
-
ui_execute_with_diffExecuteExecute an element action in the runner
-
ui_fill_formExecuteui_fill_form
-
ui_focusExecuteFocus an element in the runner
-
ui_hoverExecuteHover over an element in the runner
-
ui_page_evaluateExecuteui_page_evaluate
-
ui_redoExecuteExecute redo in the runner
-
ui_right_clickExecuteRight-click an element in the runner
-
ui_scrollExecuteScroll within an element in the runner
-
ui_selectExecuteSelect an option in a dropdown/select element in the runner
-
ui_submitExecuteSubmit the form containing the element in the runner
-
ui_toggleExecuteToggle a checkbox element in the runner
-
ui_typeExecuteui_type
-
ui_uncheckExecuteUncheck a checkbox element in the runner
-
ui_undoExecuteExecute undo in the runner
-
ui_wait_for_changeExecuteWait for the runner
-
ui_wait_for_network_requestExecuteui_wait_for_network_request
-
wait_for_idleExecutewait_for_idle
-
wait_for_signalExecutewait_for_signal
-
wait_for_targetsExecutewait_for_targets
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.