Critical-risk tools in Arcane
21 of the 180 tools in Arcane are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
arcane_apikey_deleteDestructiveDelete an API key (revoke access immediately)
-
arcane_container_deleteDestructive[HIGH RISK] Delete a Docker container permanently. Use force=true to delete running containers, volumes=true to remove associated volumes.
-
arcane_environment_deleteDestructive[HIGH RISK] Delete a Docker environment from Arcane. This removes the environment configuration but does not affect the actual Docker host.
-
arcane_event_deleteDestructiveDelete an event from the history
-
arcane_git_repo_deleteDestructiveDelete a Git repository configuration
-
arcane_gitops_deleteDestructiveDelete a GitOps sync configuration
-
arcane_image_deleteDestructive[HIGH RISK] Remove a Docker image from the host
-
arcane_image_pruneDestructive[HIGH RISK] Remove all unused Docker images. This frees disk space but cannot be undone.
-
arcane_network_deleteDestructive[HIGH RISK] Delete a Docker network. Connected containers will be disconnected.
-
arcane_network_pruneDestructive[HIGH RISK] Remove all unused Docker networks. This cannot be undone.
-
arcane_project_destroyDestructive[CRITICAL RISK] Destroy a project completely, including containers and optionally volumes. This cannot be undone!
-
arcane_project_downDestructiveStop and remove containers for a Docker Compose project (docker-compose down). Use arcane_project_destroy to also remove volumes.
-
arcane_registry_deleteDestructiveDelete a container registry configuration
-
arcane_swarm_delete_serviceDestructive[HIGH RISK] Delete a Docker Swarm service permanently
-
arcane_system_pruneDestructive[CRITICAL RISK] Perform Docker system prune - removes unused containers, networks, images, and optionally volumes. This cannot be undone!
-
arcane_template_deleteDestructiveDelete a Docker Compose template
-
arcane_user_deleteDestructive[HIGH RISK] Delete a user account permanently
-
arcane_volume_backup_deleteDestructive[HIGH RISK] Delete a volume backup permanently
-
arcane_volume_deleteDestructive[CRITICAL RISK] Permanently delete a Docker volume and ALL its data. This cannot be undone!
-
arcane_volume_pruneDestructive[CRITICAL RISK] Remove ALL unused Docker volumes and their data. This cannot be undone!
-
arcane_webhook_deleteDestructiveDelete a webhook configuration
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.