High-risk tools in InSite
25 of the 52 tools in InSite are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
click_elementExecuteClick an element identified by CSS selector
-
debug_modeExecuteEnable or disable comprehensive debugging mode with enhanced logging
-
evaluate_jsExecuteExecute JavaScript code in the page context
-
evaluate_js_on_elementExecuteExecute JavaScript code on a specific element
-
go_backExecuteNavigate back in browser history
-
go_forwardExecuteNavigate forward in browser history
-
handle_cspExecuteConfigure Content Security Policy handling and compliance checking
-
highlight_elementExecuteVisually highlight elements on the page for debugging purposes
-
hover_elementExecuteHover over an element to trigger hover effects
-
jest_adapterExecuteIntegration adapter for Jest testing framework with browser automation capabilities
-
load_pageExecuteNavigate to a URL and wait for the page to load
-
manage_certificatesExecuteCertificate validation and custom certificate handling
-
mocha_adapterExecuteIntegration adapter for Mocha testing framework with browser automation hooks
-
performance_monitoringExecuteReal-time performance monitoring, profiling, and optimization insights
-
playwright_test_adapterExecuteIntegration adapter for Playwright Test runner with advanced configuration and reporting
-
press_keyExecutePress a keyboard key or key combination
-
reload_pageExecuteReload the current page
-
scroll_pageExecuteScroll the page or a specific element
-
set_geolocationExecuteSet the browser geolocation
-
set_viewport_sizeExecuteSet the browser viewport size
-
switch_browserExecuteSwitch to a different browser engine (chromium, firefox, webkit)
-
trace_executionExecuteEnable detailed execution tracing for debugging browser operations
-
validate_securityExecuteSecurity validation and vulnerability scanning for web pages
-
wait_for_elementExecuteWait for an element to be in a specific state
-
wait_for_navigationExecuteWait for page navigation to complete
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.