sangfor.dry_run_product_change
AI agents invoke sangfor.dry_run_product_change to trigger actions in Sangfor Mcp Workflow. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
This tool triggers execution of product changes (even in dry-run mode), which can affect system behavior and configuration. The dry-run nature mitigates some severity (not directly destructive), but it still represents code/configuration execution with potential side effects depending on what changes are simulated.
From the tool's definition Tool name contains 'dry_run_product_change' — indicates execution of product changes in a test mode. The 'dry_run' prefix suggests trial execution of configuration or deployment actions, and 'product_change' indicates modifications to Sangfor Engineer systems.
Attacks that exploit this kind of access
sangfor.dry_run_product_change. It is categorised as a Execute tool in the Sangfor Mcp Workflow MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Sangfor Mcp Workflow MCP server in PolicyLayer and add a rule for sangfor.dry_run_product_change: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Sangfor Mcp Workflow. Nothing to install.
sangfor.dry_run_product_change is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the sangfor.dry_run_product_change rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for sangfor.dry_run_product_change. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
sangfor.dry_run_product_change is provided by the Sangfor Mcp Workflow MCP server (whelp99-code/sangfor-mcp-workflow). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →