High-risk tools in MCP-pptr
10 of the 13 tools in MCP-pptr are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
puppeteer_clickExecuteClick an element on the page
-
puppeteer_devtools_evaluateExecuteExecute CDP command
-
puppeteer_devtools_openExecuteOpen Chrome DevTools and get debugging port
-
puppeteer_devtools_subscribeExecuteSubscribe to CDP events
-
puppeteer_emulate_deviceExecuteEmulate mobile devices using Chrome DevTools Device Mode
-
puppeteer_evaluateExecuteExecute JavaScript in the browser console
-
puppeteer_fillExecuteFill out an input field
-
puppeteer_hoverExecuteHover an element on the page
-
puppeteer_navigateExecuteNavigate to a URL
-
puppeteer_selectExecuteSelect an element on the page with Select tag
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.