High-risk tools in Excel Webview2
9 of the 59 tools in Excel Webview2 are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- emulate (Execute): Throttles network and/or CPU on the selected page.
- excel_active_range (Execute): Returns the currently selected Excel range (address, dimensions, and values). Optionally includes formulas and number formats. Requires an Excel add-in target with Excel.run ava...
- excel_launch_addin (Execute): Launches Excel with the detected add-in and WebView2 remote debugging enabled. Idempotent per manifest path: re-calling returns the tracked launch instead of spawning a duplicate.
- excel_stop_addin (Execute): Stops the most recent Excel add-in launched by excel_launch_addin (or a specific manifest). Runs office-addin-debugging stop and kills the process if it does not exit cleanly.
- lighthouse_audit (Execute): Get Lighthouse score and reports for accessibility, SEO and best practices. This excludes performance. For performance audits, run performance_start_trace.
- performance_analyze_insight (Execute): Provides more detailed information on a specific Performance Insight of an insight set that was highlighted in the results of a trace recording.
- performance_start_trace (Execute): Start a performance trace on the selected webpage. Use to find frontend performance issues, Core Web Vitals (LCP, INP, CLS), and improve page load speed.
- performance_stop_trace (Execute): Stop the active performance trace recording on the selected webpage.
- wait_for (Execute): Wait for the specified text to appear on the selected page.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.