Critical-risk tools in Wavix
15 of the 122 tools in Wavix are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
api_keys_deleteDestructiveDeletes an API key. This action is permanent.
-
call_control_deleteDestructiveEnds an active call.
-
call_control_streams_deleteDestructiveStops call media streaming.
-
call_recording_deleteDestructiveDeletes a call recording.
-
call_webhooks_deleteDestructiveDeletes a call webhook.
-
cart_removeDestructiveRemoves phone numbers from the cart.
-
my_numbers_deleteDestructiveReleases phone numbers back to stock.
-
sip_trunks_deleteDestructiveDeletes a SIP trunk.
-
sms_and_mms_sender_ids_deleteDestructiveDeletes a Sender ID.
-
ten_dlc_brand_campaigns_deleteDestructiveDeletes a 10DLC Campaign. Associated phone numbers cannot be used as Sender IDs once the Campaign is deleted.
-
ten_dlc_brand_evidence_deleteDestructiveDeletes a 10DLC Brand evidence file.
-
ten_dlc_brands_deleteDestructiveDeletes a 10DLC Brand. Brands with active campaigns cannot be deleted.
-
ten_dlc_subscriptions_deleteDestructiveDeletes a 10DLC event subscription.
-
two_fa_verification_cancelDestructiveCancels a 2FA verification. After cancellation, no additional codes are sent, and previously sent codes can no longer be validated. You must create a new verification to send an...
-
webrtc_tokens_deleteDestructiveDeletes a Wavix Embeddable widget token. After deletion, the token can't be used to authenticate widget sessions, and any active session associated with it is terminated.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.