High-risk tools in Bambu Lab MCP Server
14 of the 31 tools in Bambu Lab MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
printer_print_fileExecuteStart printing a file on the printer SD card (uploaded via ftp_upload_file).
-
printer_stopExecuteStop the current print job immediately
-
ams_change_filamentExecuteChange to a different AMS filament tray (0-3)
-
ams_unload_filamentExecuteUnload the current filament from the extruder
-
makerworld_printExecuteDownload a model from MakerWorld and print it on the connected printer.
-
monitor_stopExecuteStop the AI print monitor. Returns a summary of the monitoring session.
-
printer_pauseExecutePause the current print job
-
sign_messageExecuteSign a message with X.509 certificate for authenticated printer communication. Uses the extracted Bambu Connect certificate to bypass firmware auth restrictions.
-
skip_objectsExecuteSkip specific objects during a multi-object print. Useful for excluding failed parts without stopping the entire print.
-
slice_3mfExecuteSlice a 3MF file using OrcaSlicer CLI. Converts an unsliced 3MF (models + settings)
-
mqtt_connectExecuteConnect to a Bambu Lab printer via local MQTT over TLS. Required before any printer control commands.
-
printer_resumeExecuteResume a paused print job
-
printer_send_gcodeExecuteSend a single G-code command to the printer (e.g.,
-
set_temperatureExecuteSet nozzle or bed temperature via G-code. Validates against safe limits.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.