High-risk tools in Qflow
5 of the 50 tools in Qflow are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
qflow_pluginExecute插件管理:install=安装插件,remove=卸载,list=列表,get=详情,search=搜索,enable=启用,disable=禁用
-
qflow_tddExecute合并 TDD 工具。action: preset(查询预设)/step(单步执行)/loop(完整循环)/status(状态)/reset(重置)。
-
qflow_autopilotExecute合并自动驾驶工具。action: config(配置)/start(启动)/pause(暂停)/resume(恢复)/status(状态)/stop(停止)/step(单步)/commit(提交)/loop_start(启动循环)/loop_stop(停止循环)/loop_status(循环状态)。
-
qflow_workflowExecuteDAG 工作流管理:start=启动工作流,advance=推进工作流,status=查看状态,list=列出所有工作流
-
qflow_agileExecute敏捷工作流预设:list=列出所有阶段,get=获取指定阶段,step=执行步骤
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.