High-risk tools in DevLab MCP Suite
34 of the 71 tools in DevLab MCP Suite are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
android_force_stop_appExecuteForce stop an Android app by package using a profile from config/apps.json.
-
android_input_textExecuteType text with adb shell input text.
-
android_install_apkExecuteInstall a debug APK using adb install -r.
-
android_launch_appExecuteLaunch an Android app using a profile from config/apps.json.
-
android_open_app_settingsExecuteOpen the system Settings > App Info screen for a given package. Uses android.settings.APPLICATION_DETAILS_SETTINGS intent.
-
android_run_shellExecuteAdvanced tool: run a simple adb shell command on the connected Android device.
-
android_run_workflowExecuteRun a declarative app workflow from config/apps.json. Optionally capture a full evidence session.
-
android_send_debug_intentExecuteSend a configured app debug broadcast intent from config/apps.json.
-
android_send_intentExecuteSend a generic Android broadcast intent with optional extras. Supports string, integer, and boolean extras. Use --es, --ei, --ez flags.
-
android_set_bluetoothExecuteEnable or disable Bluetooth on the device. Best-effort: may be blocked by OEM restrictions or Android version.
-
android_set_volumeExecuteSet the volume level for a given audio stream (default: 3 = media).
-
android_start_activityExecuteLaunch an arbitrary Android component (package/activity). Optionally specify an intent action. No config profile required.
-
android_stop_sessionExecuteFinalize a session: capture logcat, current app, device info, and generate final-report.md.
-
android_swipeExecuteRun adb shell input swipe with coordinates and optional duration.
-
android_tapExecuteRun adb shell input tap with x/y coordinates.
-
android_tap_resourceExecuteShortcut for tapping a node by resource-id.
-
android_tap_textExecuteShortcut for tapping a visible text node.
-
android_tap_uiExecuteFind a UI node by text or resource-id and tap its center.
-
android_wait_for_uiExecuteWait until a UI node appears by text or resource-id.
-
browser_clickExecuteClick at absolute pixel coordinates.
-
browser_click_percentExecuteClick using viewport-relative percentage coordinates. Ideal for canvas games.
-
browser_click_textExecuteClick the first element containing the given text.
-
browser_evaluate_game_stateExecuteEvaluate a JavaScript expression to inspect game state (score, level, lives, etc.). Expression runs in page context.
-
browser_evaluate_jsExecuteExecute JavaScript in the page context and return the result. Use for game state inspection, debug hooks, etc.
-
browser_openExecuteLaunch a Chromium browser (headless or headed) for testing.
-
browser_open_urlExecuteNavigate browser to a URL.
-
browser_press_keyExecuteSend a keyboard key press to the page. Use Playwright key names (Enter, Space, ArrowUp, KeyA, etc.).
-
browser_run_workflowExecuteExecute a predefined workflow from a profile (e.g., galaxy-raiders/smoke-menu).
-
browser_start_sessionExecuteBegin an evidence-gathering session for screenshots and structured reporting.
-
browser_stop_sessionExecuteFinalize the evidence session and generate the final report.
-
browser_type_textExecuteType text into the currently focused element.
-
browser_waitExecuteWait for a specified duration in milliseconds.
-
browser_wait_for_canvas_changeExecutePoll the canvas element until its content changes (via toDataURL comparison). Useful for detecting frame updates in games.
-
browser_wait_for_selectorExecuteWait until an element matching the CSS selector appears in the page.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.