High-risk tools in Microsandbox

High severity Microsandbox MCP Server 5 of 19 tools

5 of the 19 tools in Microsandbox are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

sandbox_run Execute

Create an ephemeral sandbox, run a shell command, return the output, and destroy the sandbox.
sandbox_exec Execute

Execute a command inside a running sandbox and return stdout/stderr/exit code.
sandbox_shell Execute

Execute a shell command or script string inside a running sandbox.
sandbox_stop Execute

Stop a running sandbox. Use force to kill with SIGKILL instead of graceful SIGTERM.
sandbox_create Execute

Create and boot a persistent named sandbox with full configuration.

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

High-risk tools in Microsandbox

Tools at high risk

Attacks that target this class

More on Microsandbox

Enforce policy on every Microsandbox tool call.