High-risk tools in Scenic MCP
6 of the 10 tools in Scenic MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
click_elementExecuteSEMANTIC CLICK: Click an element by its semantic ID. This is the high-level equivalent of Playwright\
-
connect_scenicExecuteCONNECTION SETUP: Establish the connection to the ScenicMCP GenServer running inside our Scenic app. Use this first before other interaction tools.
-
hover_elementExecuteSEMANTIC HOVER: Move the mouse to hover over an element by its semantic ID. Finds the element and moves the cursor to its center without clicking. Useful for testing hover effec...
-
send_keysExecuteKEYBOARD INPUT: Send text input or special keystrokes to the Scenic application. Use for typing text, navigation shortcuts, testing keyboard interactions. Supports text, special...
-
send_mouse_clickExecuteMOUSE INTERACTION: Click at specific screen coordinates to interact with buttons, links, and UI elements. Use with inspect_viewport to find clickable elements and their position...
-
send_mouse_moveExecuteCURSOR MOVEMENT: Move the mouse cursor to specific coordinates. Useful for hover effects, precise positioning before clicking, and testing mouse-over interactions.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.