Critical-risk tools in Molt2Meet
4 of the 54 tools in Molt2Meet are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_physical_taskDestructiveCancel a dispatched physical-world task. Only tasks not yet completed or paid can be cancelled. Requires: API key from register_agent.
-
cancel_task_with_settlementDestructiveCancel a task with proper financial settlement. Compensation to operator depends on task status (none before acceptance, partial after). Refund to agent for remaining amount. Re...
-
revoke_api_keyDestructivePermanently deactivate an API key by its database ID. Requests using the revoked key are rejected immediately. Use this after rotating to a new key via create_api_key. You canno...
-
checkout_wallet_depositFinancialCreate a hosted checkout session (e.g. Stripe) to deposit funds into your wallet. Returns a checkout URL where you or your user can complete the payment. After successful paymen...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.