Critical-risk tools in Gmail
3 of the 20 tools in Gmail are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
GMAIL_DELETE_DRAFTDestructivePermanently deletes a specific gmail draft using its id; ensure the draft exists and the user has necessary permissions for the given `user id`.
-
GMAIL_DELETE_MESSAGEDestructivePermanently deletes a specific email message by its id from a gmail mailbox; for `user id`, use 'me' for the authenticated user or an email address to which the authenticated us...
-
GMAIL_REMOVE_LABELDestructivePermanently deletes a specific, existing user-created gmail label by its id for a user; cannot delete system labels.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.