High-risk tools in Browser-Use MCP Server

High severity Browser-Use MCP Server MCP Server 3 of 9 tools

3 of the 9 tools in Browser-Use MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

task_cancel Execute

Cancel a running browser agent or research task. Args: task_id: Task ID (full or prefix match) Returns: JSON with success status and message
run_browser_agent Execute

Execute a browser automation task using AI. EXECUTION MODE (default): - When skill_name is provided, hints are injected for efficient navigation. LEARNING MODE (le...
run_deep_research Execute

Execute deep research on a topic with progress tracking. Args: topic: The research topic or question to investigate max_searches: Maximum number of web sear...

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Browser-Use MCP Server

Tools at high risk

Attacks that target this class

More on Browser-Use MCP Server

Enforce policy on every Browser-Use MCP Server tool call.