// MCP TOOL REFERENCE
Critical Risk →

kill_app

Force stop an Android app by package name.

How to control kill_app ↓

WHAT KILL_APP ON FRIDA AGENT MCP DOES

AI agents call kill_app to permanently remove resources in Frida Agent MCP — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.

THE RISK

Critical Risk

Force stopping an app is an irreversible action that terminates the process and any unsaved state is lost. This is more severe than a graceful shutdown and cannot be undone once executed. Misuse could disrupt critical applications running on the target device.

From the tool's definition Force stop an Android app by package name

Documented attack patterns abuse exactly the kind of access kill_app gives an agent:

HOW TO CONTROL KILL_APP

PolicyLayer is an MCP gateway — it sits between your AI agents and Frida Agent MCP, and nothing reaches the server without passing your rules. This is the rule we recommend for kill_app:

policy.json 
{
  "version": "1",
  "default": "deny",
  "hide": [
    "kill_app"
  ]
}

kill_app disappears from the agent's tool list entirely, and any attempt to call it is denied. The rest of the server keeps working.

  1. Create a free account and register Frida Agent MCP — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
RESTRICT THIS TOOL →

Free to start. No card required.

EXPLORE

More Frida Agent MCP tools

Execute execute execute Execute launch_app Launch an Android app by package name. Execute detach Detach from the current session and unload any injected scripts. Execute reconnect Reconnect to the gadget after an app crash. Execute spawn_and_inject spawn_and_inject Execute connect Connect to the Frida gadget on the device. Read get_messages get_messages Read list_apps List running applications on the connected device.

All 10 Frida Agent MCP tools →

Destructive tools on other servers

Frida Game Hacking MCP clear_scan MegaMemory remove_concept 1MCP Server mcp_uninstall Code delete_path

Go deeper

FAQ

What does the kill_app tool do? +

Force stop an Android app by package name. It is categorised as a Destructive tool in the Frida Agent MCP MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on kill_app? +

Register the Frida Agent MCP server in PolicyLayer and add a rule for kill_app: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Frida Agent MCP. Nothing to install.

What risk level is kill_app? +

kill_app is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit kill_app? +

Yes. Add a rate_limit block to the kill_app rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block kill_app completely? +

Set action: deny in the PolicyLayer policy for kill_app. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides kill_app? +

kill_app is provided by the Frida Agent MCP server (1193776794/frida-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Frida Agent MCP tool call.

Deterministic rules across all 10 Frida Agent MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN FRIDA AGENT →

Free to start. No card required.

10 Frida Agent MCP tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.