High-risk tools in Mcp Remotetouch
8 of the 9 tools in Mcp Remotetouch are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
key_pressExecutePress a key with optional modifier keys on the remote device. Requires /dev/uinput access.
-
key_typeExecuteType a string of text on the remote device by simulating individual key presses. Requires /dev/uinput access.
-
touch_connectExecuteConnect to a remote Linux device via SSH and start the touch daemon. Returns a session ID for subsequent touch commands.
-
touch_disconnectExecuteDisconnect a touch session and clean up the remote daemon.
-
touch_double_tapExecutePerform a double tap at the given coordinates on the remote touchscreen.
-
touch_long_pressExecutePerform a long press at the given coordinates on the remote touchscreen.
-
touch_swipeExecutePerform a swipe gesture from (x1,y1) to (x2,y2) on the remote touchscreen.
-
touch_tapExecutePerform a tap at the given coordinates on the remote touchscreen.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.