High-risk tools in SitecoreMCP
14 of the 149 tools in SitecoreMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
common-invoke-workflow-by-idExecuteExecutes workflow action for a Sitecore item by its ID.
-
common-invoke-workflow-by-pathExecuteExecutes workflow action for a Sitecore item by its path.
-
common-publish-item-by-idExecutePublishes a Sitecore item by its ID.
-
common-publish-item-by-pathExecutePublishes a Sitecore item by its path.
-
common-restart-applicationExecuteRestarts the Sitecore Application pool.
-
indexing-initialize-search-indexExecuteInitialize one or more Sitecore search indexes. If no name is provided, all indexes will be initialized.
-
indexing-initialize-search-index-item-by-idExecuteRebuilds the index for a given tree with the specified root item by id and index name. Supports wildcard filtering for the index name.
-
indexing-initialize-search-index-item-by-pathExecuteRebuilds the index for a given tree with the specified root item by path and index name. Supports wildcard filtering for the index name.
-
indexing-resume-search-indexExecuteResume one or more Sitecore search indexes. If no name is provided, all paused indexes will be resumed.
-
indexing-stop-search-indexExecuteStop one or more Sitecore search indexes. If no name is provided, all running indexes will be stopped.
-
indexing-suspend-search-indexExecuteSuspend one or more Sitecore search indexes. If no name is provided, all running indexes will be suspended.
-
item-service-run-stored-queryExecuteRun a stored Sitecore query by its definition item ID.
-
item-service-run-stored-searchExecuteRun a stored Sitecore search by its definition item ID.
-
run-powershell-scriptExecuteRuns a PowerShell script and returns the output.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.