High-risk tools in ThumbGate
4 of the 29 tools in ThumbGate are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- bootstrap_internal_agent (Execute): Normalize a GitHub/Slack/Linear trigger into startup context, construct a recall pack, prepare a git worktree sandbox, and emit an execution plus reviewer-lane plan.
- recall (Execute): Recall relevant past feedback, memories, and prevention rules for the current task. Call this at the start of any task to inject past learnings into the conversation.
- session_primer (Execute): Read the most recent session handoff primer to restore context from the previous session. Call at session start.
- start_handoff (Execute): Start a sequential delegation handoff from a delegation-eligible intent plan.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.