High-risk tools in ByteBot MCP Server
13 of the 23 tools in ByteBot MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
bytebot_clickExecuteClick at specific screen coordinates. Supports left, right, and middle mouse buttons, as well as double-clicks.
-
bytebot_create_and_monitor_taskExecuteCreate a task and monitor its progress until completion or intervention needed.
-
bytebot_create_taskExecuteCreate a new task for ByteBot to execute. Returns task ID and initial status. Use this to start autonomous task execution.
-
bytebot_dragExecuteDrag the mouse from one position to another. Useful for moving windows, selecting text, or drag-and-drop operations.
-
bytebot_execute_workflowExecuteExecute a multi-step workflow with automatic task creation, monitoring, and error recovery.
-
bytebot_intervene_in_taskExecuteProvide intervention for a task in NEEDS_HELP state.
-
bytebot_move_mouseExecuteMove the mouse cursor to specific screen coordinates. Use this to position the cursor before clicking or dragging.
-
bytebot_paste_textExecutePaste text directly (without typing). Faster than type_text and works with special characters/emojis.
-
bytebot_press_keysExecutePress keyboard keys including modifiers (Ctrl, Shift, Alt, etc.). Use this for keyboard shortcuts like Ctrl+C, Ctrl+V, Alt+Tab.
-
bytebot_scrollExecuteScroll the screen in a specific direction. Use this to navigate through content.
-
bytebot_switch_applicationExecuteSwitch to a specific application window. Use this to bring an app to the foreground.
-
bytebot_type_textExecuteType text string as if typing on a keyboard. Use this for entering text in forms, search boxes, etc.
-
bytebot_waitExecuteWait for a specified duration. Use this to add delays between actions or wait for UI updates.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.