High-risk tools in Tdarr
18 of the 105 tools in Tdarr are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
tdarr_cancel_worker_itemExecuteCancel a running worker item on a specific node
-
tdarr_find_duplicatesExecuteStart the find duplicates process
-
tdarr_get_new_taskExecuteRequest a new task for a node
-
tdarr_item_proc_endExecuteSignal that a node completed processing an item
-
tdarr_kill_file_scannerExecuteKill a file scanner in progress
-
tdarr_restart_nodeExecuteRestart a specific node
-
tdarr_restart_serverExecuteRestart Tdarr Server
-
tdarr_restart_uiExecuteRestart the Tdarr UI
-
tdarr_run_automationExecuteManually trigger an automation
-
tdarr_run_help_commandExecuteRun an ffmpeg or handbrake help command on the Help tab
-
tdarr_scan_filesExecuteRun a scanFresh, scanFindNew or scanFolderWatcher on a library. scanFresh & scanFindNew require a single string dbID inside scanConfig.
-
tdarr_scan_individual_fileExecuteScan an individual file with various tools
-
tdarr_stop_dedupeExecuteStop the dedupe process
-
tdarr_sync_pluginsExecuteSync plugins from server to all nodes
-
tdarr_transcode_user_verdictExecuteTake action on a staged item
-
tdarr_update_nodeExecuteUpdate a connected node from the UI
-
tdarr_update_pluginsExecuteRequest the server to update community plugins
-
tdarr_updater_relaunchExecuteRelaunch Tdarr Server when an update is ready
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.