High-risk tools in AutoDev MCP
8 of the 19 tools in AutoDev MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_assertExecuteRun browser assertions and persist pass/fail logs
-
browser_closeExecuteClose browser session and finalize persisted summary
-
browser_interactExecutePerform click/type/fill/press/select interactions in browser session
-
browser_navigateExecuteNavigate active browser session to target URL
-
browser_openExecuteOpen browser test session (extra track, does not replace CLI tests)
-
git_commit_featureExecuteWhen a complete small feature is done and tests pass, create a git commit according to configured policy.
-
run_pipelineExecuteRun dual-track pipeline: CLI tests first, then optional browser tests
-
run_testsExecuteRun original CLI test track and persist logs
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.