High-risk tools in Electron
11 of the 26 tools in Electron are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
emulateExecuteEmulate device conditions: dark/light mode, CPU throttle, geolocation, network conditions, User-Agent, viewport, timezone, locale. Multiple options can be set at once.
-
evaluate_scriptExecuteRun JavaScript in the page context. Accepts function (string) and args (array); returns the result.
-
navigate_pageExecuteNavigate: go to URL (type=url), back (type=back), forward (type=forward), reload (type=reload).
-
new_pageExecuteOpen a new page (tab/window). In CDP-only mode the app must expose an API to create new windows.
-
performance_start_traceExecuteStart performance trace recording on the selected page. Use for performance analysis and Core Web Vitals (CWV).
-
performance_stop_traceExecuteStop the performance trace recording on the selected page.
-
resize_pageExecuteResize the page viewport to the specified dimensions.
-
start_electron_main_cpu_profileExecuteStart CPU profiling in main process. Call stop to get results.
-
start_electron_main_heap_samplingExecuteStart heap sampling in main process.
-
stop_electron_main_heap_samplingExecuteStop heap sampling and return profile.
-
wait_forExecuteWait until the given text appears in the page body.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.