High-risk tools in Automagik Tools
9 of the 122 tools in Automagik Tools are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- execute_workflow [Execute]: Execute a workflow with your input data. The workflow will process your request through multiple steps.
- run_workflow [Execute]: run_workflow
- start_agent_conversation [Execute]: Start a new conversation with an agent. Provide your message and the agent will respond.
- start_google_auth [Execute]: start_google_auth
- start_team_collaboration [Execute]: Start a collaborative session with a team of agents. Describe your task and the team will work together.
- wait_minutes [Execute]: Wait for specified minutes.
- continue_agent_conversation [Execute]: Continue an ongoing conversation with an agent. Send your next message to keep the conversation going.
- send_sticker [Execute]: Send WhatsApp sticker. Args: to, sticker_url, instance_name, quoted_message_id, delay. Returns: confirmation with message ID.
- send_whatsapp [Execute]: Send WhatsApp message (text/media/audio). Args: to (phone or contact ID), message (text or caption), instance_name, message_type, media_url, media_type, mime_type, audio_url, qu...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.