High-risk tools in Kali-Mcp-Toolkit

High severity Kali-Mcp-Toolkit MCP Server 9 of 20 tools

9 of the 20 tools in Kali-Mcp-Toolkit are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at high risk

code_execute Execute

Execute a script/program from the workspace.
shell_connection_exec Execute

Execute a command on a reverse-shell connection and return output.
shell_listener_start Execute

Start a reverse-shell listener (requires admin scope, must be enabled in config).
shell_listener_stop Execute

Stop a reverse-shell listener.
terminal_exec Execute

Execute a command in an existing terminal session.
exec_tool Execute

exec_tool
code_install_deps Execute

Install packages (requires admin scope, must be enabled in config).
terminal_create Execute

Create a new interactive PTY terminal session.
terminal_send_input Execute

Send raw input to a terminal session (for interactive programs).

Attacks that target this class

High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Runaway Tool Loops
Prompt Injection via Tool Results

High-risk tools in Kali-Mcp-Toolkit

Tools at high risk

Attacks that target this class

More on Kali-Mcp-Toolkit

Enforce policy on every Kali-Mcp-Toolkit tool call.