Skip to main content
← AI Security Lab MCP Tool Risk Explorer

MCP Tool Risk Explorer

MCP and agentic AI systems become more powerful as they gain access to tools, resources, prompts, and external systems. This explorer shows how risk increases as an AI system moves from answering questions to reading data, taking actions, and modifying real-world systems.

Source alignment: This explorer is inspired by public MCP security guidance and Andrew's work as Principal Co-author of the CIS Controls v8.1 MCP Companion Guide. It is simplified for education and portfolio demonstration and is not an official CIS product or assessment.

How is risk scored?

Each tool capability carries a risk weight by tier, low-impact reads count least, destructive or high-privilege capabilities count most:

  • Low-impact 2  ·  Moderate 5  ·  High-impact 10  ·  Critical 16

Selected capabilities are summed, and missing controls add to the total. The score maps to four bands:

  • Low 0–9  ·  Moderate 10–22  ·  High 23–42  ·  Critical 43+

It is a simplified educational model for building intuition about how tool access drives risk, not a calibrated quantitative assessment.

Step 1, Select Capabilities

Select every tool, resource, or capability this AI system can access. Risk updates in the panel on the right.

Low Risk
weight 2 each

Read-only access to public or pre-approved content. Minimal autonomous impact on external systems.

Moderate Risk
weight 5 each

Access to internal or proprietary data sources. Retrieval may expose sensitive organizational information.

High Risk
weight 10 each

Write access or actions that affect external systems, people, or records. Mistakes can be costly or hard to reverse.

Critical Risk
weight 16 each

System-level access or irreversible actions with broad organizational impact. Require the strongest controls.

Step 2, Controls In Place

Check every control that is currently in place for this system. Unchecked controls that are relevant to your selected capabilities will contribute to the risk score.

Labels (all / mod+ / high+ / crit) show which capability tiers activate each control gap.

Risk Profile 0 capabilities selected

Select capabilities on the left to generate your risk profile.

Sources & Inspiration

  • CIS Controls v8.1 MCP Companion Guide (Principal Co-author)
  • CIS Controls v8.1 AI and LLM Companion Guide (Collaborator)
  • CIS Controls v8.1 AI Agents Companion Guide (Collaborator)
Personal educational tool, This explorer is a simplified educational tool on Andrew Dannenberger's personal website. It is not an official CIS assessment, audit, certification, or product. Risk scores are approximate and for educational purposes only.