High-risk tools in Trade Router
6 of the 21 tools in Trade Router are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
auto_swapExecuteBuilds, signs, and submits a Solana swap in a single call. Equivalent to build_swap → local sign → submit_signed_swap, but the MCP server handles the encoding conversion (base58...
-
build_swapExecuteBuilds an unsigned Solana swap transaction via POST /swap. Returns the transaction as base58 — the caller must decode, sign locally, re-encode as base64, and submit via submit_s...
-
place_limit_trailing_orderExecuteCOMBO ORDER: Wait for a limit target, then activate a trailing stop. When the trail triggers, execute as a SINGLE swap (not TWAP). WHEN TO USE: To enter at a specific mcap, the...
-
place_limit_trailing_twap_orderExecuteCOMBO ORDER (the full chain): Wait for a market-cap limit target → activate trailing stop → on trail trigger, execute exit/entry as TWAP slices. WHEN TO USE: For the most sophi...
-
place_limit_twap_orderExecuteCOMBO ORDER: Wait for a market-cap target to be crossed, then execute the entry/exit as a TWAP rather than a single swap. Server-orchestrated; no client-side state machine neede...
-
place_trailing_twap_orderExecuteCOMBO ORDER: Wait for a trailing-stop trigger, then execute the exit as a TWAP rather than a single swap. WHEN TO USE: To ride a trend with a trailing stop, but exit gradually ...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.