High-risk tools in MCP DevTools Server
42 of the 79 tools in MCP DevTools Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
python_venvExecuteManage Python virtual environments (create, delete, info, list packages)
-
commitlintExecuteRun commitlint to validate commit messages
-
eslintExecuteRun ESLint on JavaScript/TypeScript files
-
go_benchmarkExecuteRun Go benchmarks to measure code performance
-
go_buildExecuteBuild Go packages with cross-compilation and custom build flags support
-
lint_allExecuteRun all available linters based on project type
-
lint_filesExecuteRun custom linting rules on project files
-
make_buildExecuteRun make build command to build the project
-
make_cleanExecuteRun make clean command to clean build artifacts
-
make_dependExecuteRun make depend command to install or update dependencies
-
make_lintExecuteRun make lint command to check code style and quality
-
markdownlintExecuteRun markdownlint on markdown files
-
nodejs_benchmarkExecuteRun performance benchmarks with Vitest, benchmark.js, or custom scripts
-
nodejs_buildExecuteRun build script with package manager (npm/yarn/pnpm/bun)
-
nodejs_lintExecuteRun ESLint on Node.js/TypeScript code
-
nodejs_scriptsExecuteRun or list npm scripts from package.json with caching
-
nodejs_securityExecuteRun security audit with npm/yarn audit to detect vulnerabilities
-
onboarding_wizardExecuteRun intelligent zero-configuration onboarding wizard to detect project type, generate configuration, verify tools, and validate setup
-
python_benchmarkExecuteRun performance benchmarks using pytest-benchmark with statistical analysis
-
python_buildExecuteBuild Python packages (wheels and sdists) using modern python -m build
-
run_testsExecuteRun tests using the detected test framework
-
staticcheckExecuteRun staticcheck for enhanced Go static analysis
-
yamllintExecuteRun yamllint on YAML files
-
analyze_commandExecuteExecute a command and analyze the result with AI-powered smart suggestions. Provides intelligent recommendations for fixing failures, optimizing workflows, and identifying issues.
-
go_fmtExecuteFormat Go code using gofmt
-
go_mod_downloadExecuteDownload Go module dependencies
-
go_mod_tidyExecuteTidy Go module dependencies
-
go_testExecuteRun Go tests with coverage and race detection
-
jq_queryExecuteProcess JSON data using jq filter syntax without requiring approval.
-
make_testExecuteRun make test command to execute project tests
-
nodejs_check_typesExecuteRun TypeScript type checking
-
nodejs_profileExecuteProfile Node.js application performance using built-in Node.js profiler
-
nodejs_testExecuteRun Node.js tests with Jest, Vitest, or Mocha
-
python_formatExecuteFormat Python code using ruff format with check mode support
-
python_lintExecuteLint Python code using ruff check with auto-fix support
-
python_profileExecuteProfile Python code performance using cProfile, py-spy, or memray
-
python_testExecuteRun Python tests using pytest with coverage reporting and test selection
-
stack_restackExecuteRebase stack on latest changes
-
branch_checkoutExecuteCheckout an existing branch
-
go_generateExecuteRun go generate to execute code generation directives
-
nodejs_install_depsExecuteInstall Node.js dependencies with npm, yarn, pnpm, or bun
-
python_install_depsExecuteInstall Python dependencies using uv, poetry, pipenv, or pip with package manager auto-detection
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.