Critical-risk tools in Docx
20 of the 219 tools in Docx are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_column_from_tableDestructiveDelete a column (0-based) from every row of a table.
-
delete_commentDestructiveDelete a comment and remove its range markers from the document.
-
delete_content_controlDestructiveRemove an SDT content control wrapper, keeping its content in place.
-
delete_custom_propertyDestructiveDelete a custom document property by name.
-
delete_endnoteDestructiveDelete an endnote and its in-body reference.
-
delete_fieldDestructiveRemove a complete complex field (begin through end runs) from the document.
-
delete_footerDestructiveDelete a footer by location: default, first, or even.
-
delete_footnoteDestructiveDelete a footnote and its in-body reference.
-
delete_headerDestructiveDelete a header by location: default, first, or even.
-
delete_imageDestructiveRemove the drawing containing the image with the given rId from the document.
-
delete_paragraphDestructiveDelete the paragraph with the given paraId.
-
delete_section_breakDestructivedelete_section_break
-
delete_styleDestructiveDelete a style from the document.
-
delete_tableDestructiveDelete a table by index (0-based). Raises IndexError if out of range.
-
delete_table_rowDestructiveDelete a table row with tracked changes.
-
delete_textDestructivedelete_text
-
flatten_documentDestructiveAccept all tracked changes and remove all revision markup.
-
remove_bookmarkDestructiveRemove a bookmark by name (keeps paragraph content).
-
remove_watermarkDestructiveRemove VML watermarks (e.g., DRAFT) from all document headers.
-
scrub_piiDestructivescrub_pii
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.