High-risk tools in JS Reverse MCP
7 of the 22 tools in JS Reverse MCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
navigate_pageExecuteNavigates the currently selected page to a URL, or performs back/forward/reload navigation. This tool only navigates; it does not clear cookies, storage, cache, or site data. Wa...
-
new_pageExecuteOpens a browser page and navigates to the specified URL. If an existing about:blank startup tab is still available, it is reused instead of opening an extra tab. Waits for DOMCo...
-
break_on_xhrExecuteSets a breakpoint that triggers when an XHR/Fetch request URL contains the specified string.
-
evaluate_scriptExecuteEvaluate a JavaScript function inside the currently selected page. Returns the response as JSON so returned values have to JSON-serializable. Inline JSON results are bounded; us...
-
stepExecuteSteps JavaScript execution. Use direction
-
pause_or_resumeExecuteToggles JavaScript execution. If paused, resumes execution. If running, requests a pause at the next JavaScript statement.
-
set_breakpoint_on_textExecuteSets a breakpoint on specific code (function name, statement, etc.) by searching loaded scripts and automatically determining a position. Optionally pass condition to reduce noi...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.