High-risk tools in Oracle APEX MCP Server
4 of the 26 tools in Oracle APEX MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
oracle_compile_objectExecuteCompile (or recompile) a PL/SQL object: PACKAGE, PACKAGE BODY, PROCEDURE, FUNCTION, TRIGGER, TYPE, TYPE BODY, VIEW. Returns compilation status and any errors.
-
oracle_connectExecuteConnect (or switch) to an Oracle database. Three modes: - **tns**: Use a TNS alias from tnsnames.ora (run oracle_list_tns_entries first) - **connection_string**: Use a full TNS ...
-
oracle_executeExecuteExecute DML (INSERT/UPDATE/DELETE/MERGE), DDL (CREATE/ALTER/DROP/TRUNCATE), or PL/SQL blocks. Returns rows affected and execution time. Supports auto-commit toggle.
-
oracle_transactionExecuteExecute multiple SQL statements in a single transaction (all-or-nothing). Automatically rolls back on error if rollback_on_error is true.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.