High-risk tools in GNOME Desktop MCP

High severity GNOME Desktop MCP MCP Server 14 of 30 tools

14 of the 30 tools in GNOME Desktop MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

activate_workspace Execute

Switch to a workspace by index (0-based).
focus_window Execute

Focus and raise a window.
key_combo Execute

Press a key combination.
key_press Execute

Press and release a single key.
minimize_window Execute

Minimize a window.
mouse_click Execute

Click at screen coordinates. button: 1=left, 2=middle, 3=right.
mouse_double_click Execute

Double-click at screen coordinates.
mouse_down Execute

Press mouse button down without releasing.
mouse_drag Execute

Drag from one position to another.
mouse_move Execute

Move the mouse to absolute screen coordinates.
mouse_scroll Execute

Scroll at screen coordinates. dy negative=up, positive=down.
mouse_up Execute

Release mouse button.
set_enabled Execute

Enable or disable automation.
type_text Execute

Type text character by character.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in GNOME Desktop MCP

Tools at high risk

Attacks that target this class

More on GNOME Desktop MCP

Enforce policy on every GNOME Desktop MCP tool call.