High-risk tools in Sanka MCP Server
11 of the 284 tools in Sanka MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_useExecuteRun a governed Sanka browser automation workflow through a configured worker. Use this for API gaps such as HubSpot demo company avatars; workflows are allowlisted and dry_run=t...
-
calculate_payroll_runExecuteCalculate a payroll run for a period in Sanka.
-
connect_sankaExecuteStart or resume the Sanka OAuth connection flow. Use this when the user explicitly asks to connect or reconnect Sanka.
-
executeExecuteCode to execute.
-
preview_workflowExecuteDry-run a supported business workflow. For deal_to_estimate, previews the Sanka estimate draft and approval state. For deal_to_order, previews creating or reusing a Sanka Order ...
-
push_integration_syncExecuteEmit outbound integration sync events for a set of records so they flow to a connected destination (e.g. HubSpot). Use this after generating demo data or after a user manually e...
-
retry_export_jobExecuteRetry a failed, canceled, or otherwise terminal export job.
-
retry_import_jobExecuteRetry a failed, canceled, or otherwise terminal import job.
-
run_workflowExecuteRun an existing Sanka-native workflow definition. HubSpot workflow creation and updates use create_workflow/update_workflow with provider=hubspot.
-
source_buy_requestExecuteStart or record a sourcing run for a Sanka Buy request. MVP provider is Shopify Global Catalog; provider results may be queued or unavailable until the adapter is configured.
-
start_workflowExecuteStart a supported business workflow. For deal_to_estimate, creates a Sanka estimate draft from the deal, applies existing estimate approval rules, creates pending approval reque...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.