Critical-risk tools in Google
9 of the 60 tools in Google are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_commentDestructiveDelete a comment from a Google Drive file.
-
delete_doc_tabDestructiveDelete a tab from a Google Doc.
-
delete_footerDestructiveDelete a footer from a Google Doc.
-
delete_headerDestructiveDelete a header from a Google Doc.
-
delete_named_rangeDestructiveDelete a named range from a Google Doc by name or ID.
-
delete_permissionDestructiveRemove a permission from a Google Drive file.
-
delete_positioned_objectDestructiveDelete a positioned object (e.g. floating image) from a Google Doc.
-
delete_replyDestructiveDelete a reply from a comment.
-
trash_fileDestructiveMove a Google Drive file or folder to trash (or permanently delete it). Use search_drive first to find the file ID.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.