High-risk tools in Ads
6 of the 88 tools in Ads are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
ga4.report.pivotExecuteRun a GA4 pivot report. Body shape per developers.google.com/analytics/devguides/reporting/data/v1/rest/v1beta/properties/runPivotReport.
-
ga4.report.runExecuteRun a GA4 Data API report. Pass dimensions, metrics, and date_ranges (with start_date/end_date as
-
google_ads.passthrough.mutateExecuteFallback: invoke any /customers/{id}/{resource}:mutate endpoint with raw operations. Use only when no named tool exists. Prefer google_ads.campaigns.pause/resume/update_budget. ...
-
google_ads.queryExecuteRun a GAQL query against Google Ads. Returns the raw response envelope (results, fieldMask, nextPageToken). Use this for any read; the GAQL reference is at developers.google.com...
-
linkedin.passthrough.writeExecuteFallback: POST/PARTIAL_UPDATE/DELETE any LinkedIn /rest endpoint. Use only when no named tool exists. Prefer linkedin.campaigns.pause/resume/update_budget, linkedin.creatives.pa...
-
meta.passthrough.writeExecuteFallback: POST/DELETE any Meta Graph API endpoint. Use only when no named tool exists. Prefer meta.campaigns.create/pause/resume/update_budget, meta.adsets.pause/resume/update_b...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.