High-risk tools in Remnawave

High severity Remnawave MCP Server 6 of 153 tools

6 of the 153 tools in Remnawave are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

ip_control_drop_connections Execute

Drop active connections for specified IPs
node_plugins_execute Execute

Execute a node plugin
nodes_bulk_actions Execute

Bulk actions on selected nodes (enable/disable/restart)
nodes_restart Execute

Restart a specific node
nodes_restart_all Execute

Restart all nodes
system_srr_matcher Execute

Test subscription request routing rules

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Remnawave

Tools at high risk

Attacks that target this class

More on Remnawave

Enforce policy on every Remnawave tool call.