High-risk tools in Screenshotsmcp

High severity Screenshotsmcp MCP Server 4 of 56 tools

4 of the 56 tools in Screenshotsmcp are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

browser_evaluate Execute 4/5

Run JavaScript in the browser page and return the result as text. Useful for extracting data, checking values, or triggering actions.
browser_navigate Execute 4/5

Open a browser and navigate to a URL. Returns a screenshot of the loaded page. Use this to start a browser session — the returned sessionId must be passed to all subsequent brow...
browser_wait_for Execute 3/5

Wait for an element to appear on the page, then return a screenshot. Useful after navigation or form submissions.
ux_review Execute 3/5

Run an AI-powered UX review on any URL. Captures a screenshot and analyzes it along with accessibility tree, SEO metadata, and performance metrics using Kimi k2.5 vision. Return...

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Screenshotsmcp

Tools at high risk

Attacks that target this class

More on Screenshotsmcp

Enforce policy on Screenshotsmcp