High-risk tools in Cdp Bridge
6 of the 9 tools in Cdp Bridge are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_execute_jsExecuteExecute JavaScript in the browser and capture results plus DOM changes. Args: script: JavaScript code to execute (or JSON command for CDP operations). switc...
-
browser_navigateExecuteNavigate the active tab to a URL. Args: url: The URL to navigate to.
-
browser_waitExecuteWait until JavaScript condition returns a truthy value. Args: condition_js: JavaScript expression or script. The return value is tested for truthiness. time...
-
browser_batchExecutebrowser_batch
-
browser_focus_tabExecutebrowser_focus_tab
-
browser_switch_tabExecuteSwitch the active MCP browser tab without changing the visible Chrome tab. Args: tab_id: The tab ID to switch to (from browser_get_tabs).
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.