High-risk tools in Default Privacy
6 of the 33 tools in Default Privacy are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
run_decision_quizExecuteDetermine which Default Privacy product family fits the user (formation, directory tool, diagnostic workflow, consultation) based on decision-quiz answers. Different from `run_p...
-
run_domain_privacy_auditExecuteComposite: run WHOIS + email-security + breach checks against one domain and return a single graded audit with combined findings and fix links. Saves the agent from chaining thr...
-
run_policy_analyzerExecuteAnalyze a website's privacy policy text and return a summary, score, and lists of red flags + positives. Useful for quickly evaluating a vendor's data-handling posture before si...
-
run_privacy_architecture_assessmentExecuteTake answers from the Privacy Architecture Assessment (the multi-step questionnaire that maps user situation → recommended LLC structure) and return a structure recommendation w...
-
start_anonymous_llcExecuteStart a privacy-structured LLC formation flow with a prefilled intake URL and execution-readiness checklist. This is the primary action-oriented formation tool for agents — it d...
-
start_data_broker_scanExecuteLink the user into the data-broker-removal funnel with MCP-attribution tracking. Does not initiate the scan automatically — it builds the entry URL with the user's email prefill...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.