High-risk tools in Mk Qa Master
7 of the 22 tools in Mk Qa Master are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
run_api_security_scanExecutev0.8.0: OWASP API Security Top 10 (2023) rule-based scanner. Loads an
-
run_failedExecute只重跑上次失敗的測試——比跑整套套件快很多,適合修完一個 bug 後驗證迭代。
-
run_testsExecuteExecute the test suite under the active QA_RUNNER and produce a structured
-
analyze_urlExecuteProbe a live web page in headless Chromium and return a structured map of
-
codegenExecuteLaunch interactive test recording for the active runner. Useful as a
-
solve_visual_challengeExecuteApply the AI client
-
auto_generate_testsExecute一鍵交付:在內部依序做 analyze_url → 為每個偵測到的 module 用 candidate_tcs 內容
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.