High-risk tools in Concurrent Browser MCP

High severity Concurrent Browser MCP MCP Server 12 of 20 tools

12 of the 20 tools in Concurrent Browser MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

browser_evaluate Execute

Execute JavaScript code in the page context
browser_navigate Execute

Navigate to a specified URL
browser_wait_for_element Execute

Wait for an element to appear
browser_wait_for_navigation Execute

Wait for page navigation to complete
browser_click Execute

Click on a page element
browser_create_instance Execute

Create a new browser instance
browser_fill Execute

Fill a form field
browser_go_back Execute

Go back to the previous page
browser_go_forward Execute

Go forward to the next page
browser_refresh Execute

Refresh the current page
browser_select_option Execute

Select an option from a dropdown
browser_type Execute

Type text into an element

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Concurrent Browser MCP

Tools at high risk

Attacks that target this class

More on Concurrent Browser MCP

Enforce policy on every Concurrent Browser MCP tool call.