High-risk tools in Salesforce Cloud

High severity Salesforce Cloud MCP Server 2 of 17 tools

2 of the 17 tools in Salesforce Cloud are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

batch Execute 3/5

Execute multiple operations in a single call with result references. Use $N.field to reference prior results (e.g., $0.id for the ID from operation 0). Destructive operations re...
execute_soql Execute 4/5

Execute a SOQL query. Supports querying both standard and custom fields (custom fields end with __c in their API names). Use describe_object first to discover available fields.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Salesforce Cloud

Tools at high risk

Attacks that target this class

More on Salesforce Cloud

Enforce policy on Salesforce Cloud