Critical-risk tools in UnClick
11 of the 813 tools in UnClick are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_todoDestructiveHard-deletes a todo and any comments on it. Use sparingly: prefer drop_todo so history is preserved. agent_id required for the audit log.
-
email_deleteDestructiveDelete an email by UID.
-
pinecone_delete_vectorsDestructiveDelete vectors from a Pinecone index by ID or filter.
-
upstash_redis_delDestructiveDelete a key from an Upstash Redis database.
-
vault_actionDestructivePerform a vault action: vault_init, vault_store, vault_retrieve, vault_list, vault_delete, vault_rotate, vault_audit.
-
vercel_delete_envDestructiveDelete a Vercel environment variable by its env id (get ids from vercel_get_env).
-
paypal_invoicesFinancialList, create, or send PayPal invoices.
-
paypal_ordersFinancialCreate or retrieve a PayPal order.
-
square_paymentsFinancialList or create Square payments.
-
stripe_chargesFinancialList or create Stripe charges.
-
wise_create_quoteFinancialCreate a Wise money transfer quote.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.