Critical-risk tools in Path402 — Tokenised Web Content for AI Agents
4 of the 16 tools in Path402 — Tokenised Web Content for AI Agents are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
path402_acquireFinancialPay for and acquire a $402 token. This debits the agent
-
path402_connect_walletFinancialConnect an external wallet provider (e.g. Metanet/Babbage) to the agent. This allows real payments to be made using the user
-
path402_serveFinancialServe content for a $address you hold a token for. This simulates serving content to a buyer and earning revenue. When a buyer requests content you hold, you serve it and earn ...
-
path402_set_budgetFinancialSet or reset the agent
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.