High-risk tools in Novada Proxy
5 of the 14 tools in Novada Proxy are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
agentproxy_renderExecute[BETA] Render a JavaScript-heavy page using Novada
-
agentproxy_sessionExecuteFetch a URL with a sticky session \u2014 the same residential IP is used for every call with the same session_id. Use this for multi-step workflows where IP consistency matters:...
-
novada_proxy_crawlExecuteCrawl a website recursively via BFS from a starting URL to configurable depth. Returns all discovered URLs with metadata, page titles, and optionally page content + extracted fi...
-
novada_proxy_renderExecuteRender a JavaScript-heavy page with real Chromium [BETA]. Returns structured JSON with ok, data.content. Requires NOVADA_BROWSER_WS env var.\n\nWHEN TO USE: SPAs, React/Vue apps...
-
novada_proxy_sessionExecuteFetch a URL with sticky-session IP persistence and optional verification. For basic sticky routing without verification, use novada_proxy_fetch with session_id instead.\n\nReuse...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.