Critical-risk tools in LexQ
8 of the 63 tools in LexQ are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
lexq_deploy_rollbackDestructiveRollback to the previous deployed version. Only available if there is a previous version.
-
lexq_facts_deleteDestructiveDelete a fact definition. System facts cannot be deleted.
-
lexq_groups_deleteDestructiveArchive a policy group. Only non-live groups can be deleted. This is irreversible.
-
lexq_integrations_deleteDestructiveDelete an integration by ID.
-
lexq_rules_deleteDestructiveDelete a rule from a DRAFT version.
-
lexq_simulation_cancelDestructiveCancel a running or pending simulation.
-
lexq_versions_deleteDestructiveDelete a DRAFT version. Only DRAFT versions can be deleted.
-
lexq_webhook_subscriptions_deleteDestructiveDelete a webhook subscription by ID.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.