High-risk tools in MCP Chrome Debugger Protocol
11 of the 31 tools in MCP Chrome Debugger Protocol are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
attachExecuteAttach to Node.js debugger process using DAP
-
continueExecuteContinue execution (DAP standard name for resume)
-
disconnectExecuteDisconnect from current debugger session
-
evaluateExecuteEvaluate JavaScript expression in debug context (DAP standard name)
-
nextExecuteStep over to next line (DAP standard name for step over)
-
pauseExecutePause execution
-
restartExecuteRestart the debugging session (DAP standard)
-
restartFrameExecuteRestart execution from a specific stack frame (DAP standard)
-
setExceptionBreakpointsExecuteConfigure exception breakpoint filters (DAP standard)
-
stepInExecuteStep into function call (DAP standard name)
-
stepOutExecuteStep out of current function (DAP standard name)
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.