High-risk tools in MCProxy
24 of the 39 tools in MCProxy are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_clickExecuteClick an element on the page. Supports humanized clicking with natural mouse movement.
-
browser_click_atExecuteClick at specific coordinates on the page. Coordinates are RELATIVE (0-1 range): x=0 is left edge, x=1 is right edge, y=0 is top, y=1 is bottom. Use this when you can see a scre...
-
browser_create_sessionExecuteCreate a new remote browser session. Returns session_id, browser type, and location info (IP, city, region, country, timezone, ISP) of the browser server. Use this to establish ...
-
browser_double_click_atExecuteDouble-click at specific coordinates. Coordinates are RELATIVE (0-1 range): x=0 is left edge, x=1 is right edge, y=0 is top, y=1 is bottom.
-
browser_dragExecuteDrag from one coordinate to another. All coordinates are RELATIVE (0-1 range). Useful for sliders, drag-and-drop, and drawing.
-
browser_evaluateExecuteExecute JavaScript code in the browser and return the result.
-
browser_go_backExecuteGo back in browser history.
-
browser_go_forwardExecuteGo forward in browser history.
-
browser_hoverExecuteHover over an element.
-
browser_keyboard_downExecuteHold down a key (for modifier keys or key combinations). Remember to release with keyboard_up.
-
browser_keyboard_pressExecutePress a single key. Use for Enter, Tab, Escape, arrows, Backspace, or key combinations like Control+a, Shift+Tab.
-
browser_keyboard_typeExecuteType text at the currently focused element. Use this after clicking an input field with click_at. More human-like than browser_type which uses selectors.
-
browser_keyboard_type_credentialExecuteType a stored credential at the currently focused element BY REFERENCE. Use this after clicking an input field with click_at. The actual credential value is never exposed to the...
-
browser_keyboard_upExecuteRelease a held key.
-
browser_move_mouseExecuteMove the mouse to specific coordinates without clicking. Coordinates are RELATIVE (0-1 range). Useful for hovering or preparing for drag operations.
-
browser_navigateExecuteNavigate to a URL in the browser session. Automatically detects CAPTCHAs and can wait for Cloudflare challenges to complete.
-
browser_reloadExecuteReload the current page.
-
browser_scrollExecuteScroll the page or scroll an element into view. Supports humanized smooth scrolling.
-
browser_selectExecuteSelect an option from a dropdown.
-
browser_solve_captchaExecuteSubmit a CAPTCHA solution. For image CAPTCHAs, analyze the screenshot from browser_check_captcha or browser_navigate, then provide the solution text here.
-
browser_typeExecuteType text into an input element. Supports humanized typing with random keystroke delays.
-
browser_type_credentialExecuteType a stored credential into an input element BY REFERENCE. The actual credential value is never exposed to the model - it is resolved locally by the MCP server. Use browser_li...
-
browser_wait_for_navigationExecuteWait for page navigation to complete.
-
browser_wait_for_selectorExecuteWait for an element to appear on the page.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.