Critical-risk tools in Google Docs
7 of the 26 tools in Google Docs are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
gdoc_delete_bulletsDestructiveRemove bullets or numbering from paragraphs in a range.
-
gdoc_delete_contentDestructiveDelete content in a range. Get indices from gdoc_get response.
-
gdoc_delete_footerDestructiveDelete a footer from the document. Get the footer ID from gdoc_get.
-
gdoc_delete_headerDestructiveDelete a header from the document. Get the header ID from gdoc_get.
-
gdoc_delete_named_rangeDestructiveDelete a named range by ID or name. Does not delete the content, only the reference.
-
gdoc_delete_table_columnDestructiveDelete a column from an existing table.
-
gdoc_delete_table_rowDestructiveDelete a row from an existing table.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.