Critical-risk tools in Codemagic
4 of the 15 tools in Codemagic are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
codemagic_cancel_buildDestructiveCancel a build that is queued or in progress. If the build has already finished, returns a message indicating so.
-
codemagic_delete_all_app_cachesDestructiveDelete every stored cache for an application. Codemagic responds with 202 Accepted listing the cache IDs scheduled for deletion.
-
codemagic_delete_app_cacheDestructiveDelete one specific cache by cache_id from an application.
-
codemagic_delete_team_memberDestructiveRemove a collaborator from a team by user_id. Destructive: the user immediately loses access to the team
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.