High-risk tools in WP Astro MCP
5 of the 60 tools in WP Astro MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
wp_astro_runExecuteExecute a WordPress-to-Astro frontend action. Use wp_astro_help to list available actions. Common workflows: 1. Add site: site_add → site_analyze → site_export_config 2. Previe...
-
export_resumeExecuteResume an in-progress export. Processes the next batch of pending posts. Call repeatedly until complete.
-
export_retryExecuteRetry all failed posts in an export job.
-
github_pushExecutePush commits to the remote repository.
-
setup_wizardExecuteGuided setup: register a WordPress site, analyze content, configure export, scaffold an Astro project, export all content, and optionally push to GitHub. One command to go from ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.