High-risk tools in Mistral
6 of the 8 tools in Mistral are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- codestral_fim (Execute): Fill-in-the-middle code completion with Codestral. Given `prompt` (code preceding the cursor) and `suffix` (code after the cursor), Codestral writes the middle. Use for editor ...
- mistral_chat (Execute): Generate a chat completion using a Mistral model. When to use: - Drafting French (or any European-language) content where Mistral shines. - Codestral for code-specific generati...
- mistral_ocr (Execute): Run Mistral OCR on a PDF or image, returning structured markdown per page. Input `document` is one of: - { type: "document_url", documentUrl: "https://...pdf" } - { type: "...
- mistral_vision (Execute): Chat completion with multimodal input: text + image_url parts. Requires a vision-capable model. Accepted: - pixtral-large-latest - pixtral-12b-latest - mistral-large-late...
- workflow_execute (Execute): Start a Mistral Workflow execution. `workflowIdentifier` is the workflow name or ID (visible in mistral://workflows). `input` is a free-form JSON object matching the workflow's...
- workflow_interact (Execute): Send a signal to or run a query against a running workflow execution. action=signal: fire-and-forget event; the workflow reacts asynchronously. - `name`: signal name defined ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.