High-risk tools in Screen Agent
8 of the 18 tools in Screen Agent are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
screen_clickExecutescreen_click
-
screen_exploreExecute自动探索屏幕,学习哪些元素可点击。用于了解新界面。
-
screen_hotkeyExecute按下快捷键组合,如Ctrl+C复制、Ctrl+V粘贴、Enter发送等。
-
screen_input_textExecute在屏幕上输入文字。需要先调用 screen_get_layout 绑定目标窗口。
-
screen_learn_hoverExecute通过鼠标悬停学习UI交互效果。
-
screen_learn_scrollExecute通过滚动学习屏幕内容,会自动回滚到原位置。
-
screen_scrollExecute滚动屏幕,用于查看更多内容。
-
screen_waitExecute等待指定时间,用于等待界面加载或动画完成。
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.