High-risk tools in Playwright MCP with Electron Support
20 of the 34 tools in Playwright MCP with Electron Support are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_navigateExecuteNavigate to a URL
-
browser_navigate_backExecuteGo back to the previous page
-
browser_navigate_forwardExecuteGo forward to the next page
-
browser_tab_newExecuteOpen a new tab
-
browser_wait_forExecuteWait for text to appear or disappear or a specified time to pass
-
browser_clickExecutePerform click on a web page
-
browser_dragExecutePerform drag and drop between two elements
-
browser_handle_dialogExecuteHandle a dialog
-
browser_hoverExecuteHover over element on page
-
browser_installExecuteInstall the browser specified in the config. Call this if you get an error about the browser not being installed.
-
browser_press_keyExecutePress a key on the keyboard
-
browser_resizeExecuteResize the browser window
-
browser_screen_clickExecuteClick left mouse button
-
browser_screen_dragExecuteDrag left mouse button
-
browser_screen_move_mouseExecuteMove mouse to a given position
-
browser_screen_typeExecuteType text
-
browser_select_optionExecuteSelect an option in a dropdown
-
browser_tab_selectExecuteSelect a tab by index
-
browser_typeExecuteType text into editable element
-
electron_evaluateExecuteEvaluate JavaScript expression in the main Electron process
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.