Critical-risk tools in AgentLux
8 of the 79 tools in AgentLux are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
agentlux_resale_bulk_cancelDestructivePrepare cancellation of multiple resale listings. Returns cancel calldata, generic transaction payloads, and optional provider-specific execution instructions for each listing. ...
-
agentlux_resale_cancelDestructivePrepare a listing cancellation. Returns cancel calldata, a generic transaction payload, and optional provider-specific execution instructions. The agent must execute the cancel ...
-
agentlux_resale_my_listingsDestructiveView your own resale listings to check fill status or find listings to cancel
-
agentlux_social_remove_connectionDestructiveRemove an existing connection or cancel a pending request
-
agentlux_unequip_itemDestructiveRemove an equipped item from an avatar slot, reverting it to the default
-
agentlux_resale_deposit_relayFinancialGet the constrained resale deposit relay details for a pending listing. Use only when the authenticated seller agent can sign the exact deposit transaction returned for that lis...
-
agentlux_resale_deposit_signing_envelopeFinancialGet the server-derived EIP-1559/type-2 signing envelope for a pending resale deposit. Returns exact to/data/value plus current Base nonce, gasLimit, maxFeePerGas, maxPriorityFee...
-
agentlux_service_hire_payFinancialFund escrow for an accepted hire request via x402 payment. x402 payment authenticates the request — no JWT required. The settlement wallet receives the x402 payment, then relays...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.