High-risk tools in MCP Appium Server

High severity MCP Appium Server MCP Server 55 of 110 tools

55 of the 110 tools in MCP Appium Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

reset-app Execute

Reset the app (terminate and relaunch) associated with the current Appium session
xcode_reset_privacy_permission Execute

Reset privacy permission for an app
xcode_revoke_privacy_permission Execute

Revoke privacy permission from an app
execute-adb-command Execute

Execute a custom ADB command
execute-mobile-command Execute

Execute a custom mobile command for iOS or Android
initialize-appium Execute

Initialize an Appium driver session for mobile automation
launch-app Execute

Launch an app on an Android device
launch-appium-app Execute

Launch the app associated with the current Appium session
start-recording Execute

Start recording the screen
stop-recording Execute

Stop recording the screen and get the recording data
wait-for-element Execute

Wait for an element to be visible on screen
xcode_launch_app Execute

Launch an app on a simulator
xcode_record_video Execute

Start recording video of a simulator (returns process info)
xcode_trigger_memory_warning Execute

Trigger memory warning on a simulator
xcode_wait_for_simulator Execute

Wait for a simulator to be ready
inspect-and-act Execute

Inspect UI to identify element locators and then perform an action
inspect-and-tap Execute

Inspect an element using one locator, then tap using the best available locator
close-app Execute

Close the app associated with the current Appium session
close-appium Execute

Close the current Appium driver session
hide-keyboard Execute

Hide the keyboard if it
install-app Execute

Install an Android application APK
lock-device Execute

Lock the device screen
long-press Execute

Perform a long press gesture on an element
open-notifications Execute

Open the notifications panel (Android only)
perform-element-action Execute

Perform a specific action on an element using various locator strategies
perform-touch-id Execute

Simulate Touch ID fingerprint (iOS only)
perform-w3c-gesture Execute

Perform touch gestures using the W3C Actions API (more reliable than TouchAction API)
press-key-code Execute

Press an Android key code
scroll-screen Execute

Scroll the screen in a specified direction
scroll-to-element Execute

Scroll until an element becomes visible
send-key-event Execute

Send a key event to the device (e.g., HOME, BACK)
send-keys Execute

Send text input to a UI element
send-keys-by-ios-class-chain Execute

Send text to an element using iOS class chain (iOS only)
send-keys-by-ios-predicate Execute

Send text to an element using iOS predicate string (iOS only)
send-keys-to-device Execute

Send keys directly to the device without focusing on any element
set-orientation Execute

Set the device orientation
shake-device Execute

Simulate shake gesture (iOS only)
smart-tap Execute

Intelligently tap an element trying different locator strategies in a specific order
swipe Execute

Perform a swipe gesture on the screen
switch-context Execute

Switch between contexts (e.g., NATIVE_APP, WEBVIEW)
tap-by-ios-class-chain Execute

Tap on an element using iOS class chain (iOS only)
tap-by-ios-predicate Execute

Tap on an element using iOS predicate string (iOS only)
tap-element Execute

Tap on a UI element identified by a selector
tap-element-by-text Execute

Tap on an element containing specific text
unlock-device Execute

Unlock the device screen
xcode_boot_simulator Execute

Boot an iOS simulator
xcode_grant_privacy_permission Execute

Grant privacy permission to an app
xcode_install_cli Execute

Install Xcode command line tools (requires user interaction)
xcode_open_url Execute

Open a URL on a simulator
xcode_push_notification Execute

Push a notification to a simulator
xcode_set_hardware_keyboard Execute

Enable/disable hardware keyboard for a simulator
xcode_set_simulator_location Execute

Set the location of a simulator
xcode_shake_device Execute

Simulate shake gesture on a simulator
xcode_shutdown_simulator Execute

Shutdown an iOS simulator
xcode_terminate_app Execute

Terminate an app on a simulator

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in MCP Appium Server

Tools at high risk

Attacks that target this class

More on MCP Appium Server

Enforce policy on every MCP Appium Server tool call.