High-risk tools in Axint
15 of the 35 tools in Axint are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
axint.agent.adviceExecuteAsk the local Axint project brain what this agent should do next. Reads project context, latest run proof, latest repair plan, and active file claims, then returns host-specific...
-
axint.agent.claimExecuteClaim files before an agent edits them so other agents do not patch the same SwiftUI/App files concurrently. Claims are local, short-lived, and stored in .axint/coordination/cla...
-
axint.agent.releaseExecuteRelease active local Axint file claims for this agent after finishing or abandoning a task. This keeps Codex, Claude, Cursor, and Xcode from blocking each other on stale claims....
-
axint.cloud.checkExecuteRun an agent-callable Cloud Check against Swift or Axint TypeScript source. Accepts inline source or a sourcePath, then returns a Cloud-style verdict, Apple-specific findings, n...
-
axint.context.memoryExecuteReturn the compact Axint operating memory that agents should reload at new chat start, after context compaction, or after long coding drift. Use this to keep Axint top-of-mind w...
-
axint.fix-packetExecuteRead the latest Fix Packet that Axint emitted locally after a compile or watch run. Returns the exact repair artifact that AI tools or Xcode helpers should consume next: verdict...
-
axint.project.packExecuteGenerate the Axint project-start pack for a new Apple app without writing files. Returns .mcp.json, AGENTS.md, CLAUDE.md, .axint/AXINT_MEMORY.md, .axint/project.json, and .axint...
-
axint.repairExecutePlan a project-aware Apple repair for existing apps. Indexes the local project, classifies build/UI/runtime evidence, runs Cloud Check when source is provided, ranks likely Swif...
-
axint.runExecuteRun the enforced Axint Apple build loop outside the Xcode UI. Starts or refreshes the Axint session, validates Swift, runs Cloud Check, executes xcodebuild build/test when a pro...
-
axint.run.statusExecuteRead the latest or selected Axint run job record, including active child process IDs. Use this when a long xcodebuild run may still be active after an MCP timeout or client disc...
-
axint.session.startExecuteStart an enforced Axint agent session. Writes .axint/session/current.json plus token-scoped session history, refreshes .axint/AXINT_REHYDRATE.md, returns compact operating memor...
-
axint.swift.validateExecuteValidate existing Swift source against 150 build-time rules (AX700–AX749) including Swift 6 concurrency and Live Activities. Catches bugs Xcode buries behind generic 'type does ...
-
axint.upgradeExecuteCheck the latest Axint package and optionally apply the upgrade while preserving the current agent thread. Returns exact install commands, optional Xcode MCP wiring refresh, .ax...
-
axint.workflow.checkExecuteRead-only agent workflow gate. Requires the current Axint session token from axint.session.start unless requireSession=false is explicitly set. Use this at session start, after ...
-
axint.xcode.guardExecuteGuard an Xcode agent session against context compaction and Axint drift. Checks project memory files, active Axint session, latest Axint Run or guard proof, and long-task freshn...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.