High-risk tools in Enhanced ADB MCP Server
28 of the 77 tools in Enhanced ADB MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
change_screen_sizeExecuteChange screen resolution - useful for testing different screen sizes
-
double_tapExecuteDouble tap at coordinates
-
force_stop_appExecuteForce stop an app
-
install_apkExecuteInstall an APK file
-
launch_activityExecuteLaunch a specific activity
-
launch_appExecuteLaunch an app by package name
-
long_pressExecuteLong press at coordinates for specified duration
-
press_backExecutePress the back button
-
press_homeExecutePress the home button
-
press_keyExecutepress_key
-
press_recent_appsExecuteOpen recent apps / app switcher
-
reboot_deviceExecuteReboot the device.
-
rotate_screenExecuteRotate screen orientation.
-
scroll_downExecuteScroll down on the current screen
-
scroll_to_textExecuteScroll until text is found on screen
-
scroll_upExecuteScroll up on the current screen
-
shell_commandExecuteExecute an arbitrary ADB shell command.
-
simulate_callExecuteSimulate incoming call (emulator only)
-
start_screen_recordExecuteStart recording the screen. Max duration is 180 seconds.
-
stop_screen_recordExecuteStop any ongoing screen recording
-
swipeExecuteSwipe from start to end coordinates
-
tapExecuteTap at screen coordinates (x, y)
-
tap_elementExecuteTap on an element by text or resource ID.
-
toggle_airplane_modeExecuteEnable or disable airplane mode
-
toggle_color_inversionExecuteEnable or disable display color inversion
-
toggle_show_layout_boundsExecuteShow layout bounds for all views - great for debugging layouts
-
toggle_talkbackExecuteEnable or disable TalkBack accessibility service
-
toggle_wifiExecuteEnable or disable WiFi
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.