High-risk tools in Fast Playwright MCP
21 of the 34 tools in Fast Playwright MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- browser_batch_execute (Execute): Execute multiple browser actions in sequence. PREFER over individual tools for 2+ operations.
- browser_navigate (Execute): Navigate to a URL
- browser_navigate_back (Execute): Go back to previous page
- browser_navigate_forward (Execute): Go forward to next page
- browser_tab_new (Execute): Open a new tab
- browser_wait_for (Execute): Wait for text to appear or disappear or a specified time to pass
- browser_click (Execute): Perform click on web page
- browser_drag (Execute): Perform drag and drop between two elements
- browser_evaluate (Execute): Evaluate JavaScript expression on page or element and return result
- browser_handle_dialog (Execute): Handle a dialog (alert, confirm, prompt)
- browser_hover (Execute): Hover over element on page
- browser_install (Execute): Install the browser specified in the config. Call this if you get an error about the browser not being installed.
- browser_mouse_click_xy (Execute): Click at specific coordinates
- browser_mouse_drag_xy (Execute): Drag from one coordinate to another
- browser_mouse_move_xy (Execute): Move mouse to specific coordinates. Requires --caps=vision. x,y: coordinates. expectation: {includeSnapshot:false} for simple move, true to see hover effects. PREFER element-based inte...
- browser_perform (Execute): Perform a task with the browser. It can click, type, export, capture screenshot, drag, hover, select options, etc.
- browser_press_key (Execute): Press a key on the keyboard
- browser_resize (Execute): Resize the browser window
- browser_select_option (Execute): Select option in dropdown
- browser_tab_select (Execute): Select a tab by index
- browser_type (Execute): Type text into editable element
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.