High-risk tools in StepFunMCP
3 of the 4 tools in StepFunMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
stepfun_chat_completionExecute调用 StepFun 文本大模型生成聊天回复。\nArgs:\n messages (list): 聊天历史,格式为 [{
-
stepfun_text2speechExecute调用 StepFun 语音合成(TTS)接口。\nArgs:\n text (str): 要合成的文本\n voice (str, optional): 声音类型,默认 cixingnansheng。\n model (str, optional): 模型名称,默认 step-tts-mini。\nReturns:\n TextContent:...
-
stepfun_vision_completionExecute调用 StepFun 多模态大模型(支持图片+文本)。\nArgs:\n messages (list): 聊天历史,格式为 [{
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.