Critical-risk tools in Trident
4 of the 22 tools in Trident are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_annotationDestructiveRemoves a text annotation from a live Trident document. Use get_document_summary to get all annotation IDs before calling this. Requires a valid editor access token.
-
delete_connectionDestructiveRemoves a connection from a live Trident document. Provide either the connectionId, or both source and target node IDs to find and remove the matching connection. Use get_docume...
-
delete_containerDestructiveRemoves a container from a live Trident document. By default, nodes inside are detached (kept on the diagram without a container). Pass deleteNodes: true to remove the container...
-
delete_nodeDestructiveRemoves a node from a live Trident document. All connections to/from this node are also removed automatically. Use get_document_summary to get all node IDs before calling this. ...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.