High-risk tools in Steel MCP Server
9 of the 9 tools in Steel MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- navigate (Execute): Navigate to a specified URL
- wait (Execute): Use this tool when a page appears to be loading or not fully rendered. Common scenarios include: when elements are missing from a screenshot that should be there, when a page lo...
- search (Execute): Perform a Google search by navigating to https://www.google.com/search?q=encodedQuery using the provided query text.
- click (Execute): Click an element on the page specified by its numbered label from the annotated screenshot
- go_back (Execute): Go back to the previous page in the browser history
- save_unmarked_screenshot (Execute): Capture a screenshot without bounding boxes and store it as a resource. Provide a resourceName to identify the screenshot. It
- scroll_down (Execute): Scroll down the page by a pixel amount - if no pixels are specified, scrolls down one page
- scroll_up (Execute): Scroll up the page by a pixel amount - if no pixels are specified, scrolls up one page
- type (Execute): Type text into an input field specified by its numbered label from the annotated screenshot. Optionally replace existing text first.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.