High-risk tools in Mcp Serial Hid Kvm
9 of the 14 tools in Mcp Serial Hid Kvm are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
execute_and_readExecuteType a command, press Enter, wait for output, then capture screen and OCR. Convenient for running shell commands on the target PC.
-
mouse_clickExecuteClick a mouse button on the target PC, optionally at a specific position.
-
mouse_dragExecuteDrag from one position to another (press button at start, move to end, release). Useful for drag-and-drop, selecting text, resizing windows, etc.
-
mouse_moveExecuteMove the mouse cursor on the target PC.
-
mouse_scrollExecuteScroll the mouse wheel on the target PC.
-
send_keyExecuteSend a single key press with optional modifier keys (e.g., Ctrl+C, Alt+F4).
-
send_key_sequenceExecuteSend a sequence of key steps with optional per-step delays. Useful for complex keyboard operations.
-
set_capture_deviceExecuteSwitch the active capture device by index or path. Use list_capture_devices first to see available options. Reopens the capture device.
-
type_textExecuteType a string as keyboard input on the target PC. Supports inline tags: {enter}, {tab}, {ctrl+c}, {shift+0x87}, etc.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.