High-risk tools in Gopeak
4 of the 33 tools in Gopeak are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
editor-launchExecute 3/5[compact alias of launch_editor] Opens the Godot editor GUI for a project. Use when visual inspection or manual editing of scenes/scripts is needed. Opens a new window on the ho...
-
editor-runExecute 3/5[compact alias of run_project] Launches a Godot project in a new window and captures output. Use to test gameplay or verify script behavior. Runs until stop_project is called. U...
-
editor-stopExecute 3/5[compact alias of stop_project] Terminates the currently running Godot project process. Use to stop a project started with run_project. No effect if no project is running.
-
visualizer-mapExecute 4/5[compact alias of map_project] Crawl the entire Godot project and build an interactive visual map of all scripts showing their structure (variables, functions, signals), connect...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
More on Gopeak
Enforce policy on Gopeak
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init