High-risk tools in LLDB-MCP

High severity LLDB-MCP MCP Server 14 of 28 tools

14 of the 28 tools in LLDB-MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

lldb_command Execute

Execute an LLDB command
lldb_finish Execute

Execute until the current function returns
lldb_run Execute

Run the loaded program
lldb_start Execute

Start a new LLDB session
lldb_continue Execute

Continue program execution
lldb_expression Execute

Evaluate an expression in the current frame
lldb_load Execute

Load a program into LLDB
lldb_load_core Execute

Load a core dump file
lldb_next Execute

Step over function calls
lldb_print Execute

Print value of expression
lldb_step Execute

Step program execution
lldb_attach Execute

Attach to a running process
lldb_thread_select Execute

Select a specific thread
lldb_watchpoint Execute

Set a watchpoint on a variable or memory address

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in LLDB-MCP

Tools at high risk

Attacks that target this class

More on LLDB-MCP

Enforce policy on every LLDB-MCP tool call.