Tool Capability Risk
tool_risk_assessmentAssess blast radius of MCP servers by introspecting configured clients, listing tools, and classifying each by capability to produce per-tool and per-server risk scores. Use before granting or trusting exposed tools.
Instructions
Live-introspect MCP servers and score each tool's capability risk.
Discovers configured MCP clients, connects to their servers, calls
``tools/list``, and classifies every exposed tool by capability
(filesystem, network, code execution, credential access) to produce a
per-tool and per-server risk score from what the servers actually
advertise at runtime.
Args:
config_path: MCP client config directory to read; auto-discovers all
supported clients when omitted.
timeout: Per-server introspection timeout in seconds.
Returns:
JSON with per-server tool inventories, per-tool capability classes
and risk levels, and an aggregate server risk rating.
Use this to assess the blast radius of MCP servers an agent can reach
before granting or trusting their tools.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| timeout | No | Per-server introspection timeout in seconds. | |
| config_path | No | Path to MCP client config directory. Auto-discovers all if omitted. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |