Uninstall an application with pre-flight safety validation. DESTRUCTIVE OPERATION. First validates via cloudron_validate_operation (checks app exists, no dependencies, backup recommended), then calls DELETE /api/v1/apps/:id. Returns 202 Accepted with task ID for async operation tracking.
AI agents call cloudron_uninstall_app to permanently remove resources in Mcp Cloudron — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.
This tool permanently removes an application from a Cloudron instance, which is an irreversible action. Once uninstalled, the application and its associated configuration are deleted. While the tool includes safety validation (checking dependencies, recommending backups), these are precautions rather than reversals—the core action is destructive.
From the tool's definition Tool description explicitly states 'Uninstall an application' and labels it as 'DESTRUCTIVE OPERATION'. The implementation calls DELETE /api/v1/apps/:id, which removes an installed application irreversibly.
Attacks that exploit this kind of access
Uninstall an application with pre-flight safety validation. DESTRUCTIVE OPERATION. First validates via cloudron_validate_operation (checks app exists, no dependencies, backup recommended), then calls DELETE /api/v1/apps/:id. Returns 202 Accepted with task ID for async operation tracking. It is categorised as a Destructive tool in the Mcp Cloudron MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.
Register the Mcp Cloudron MCP server in PolicyLayer and add a rule for cloudron_uninstall_app: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Cloudron. Nothing to install.
cloudron_uninstall_app is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.
Yes. Add a rate_limit block to the cloudron_uninstall_app rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for cloudron_uninstall_app. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
cloudron_uninstall_app is provided by the Mcp Cloudron MCP server (serenichron/mcp-cloudron). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
cloudron_uninstall_app is one line of Mcp Cloudron's registry record.
The record carries the whole server: verified identity, auth posture, risk grade, every tool classified, recommended policy — re-checked continuously.
Teams ship this data inside their own products. See what a licence covers →