High-risk tools in ThumbGate
4 of the 29 tools in ThumbGate are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- bootstrap_internal_agent (Execute, 4/5): Normalize a GitHub/Slack/Linear trigger into startup context, construct a recall pack, prepare a git worktree sandbox, and emit an execution plus reviewer-lane plan.
- recall (Execute, 4/5): Recall relevant past feedback, memories, and prevention rules for the current task. Call this at the start of any task to inject past learnings into the conversation.
- session_primer (Execute, 3/5): Read the most recent session handoff primer to restore context from the previous session. Call at session start.
- start_handoff (Execute, 3/5): Start a sequential delegation handoff from a delegation-eligible intent plan.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.
Enforce policy on ThumbGate
One command generates a policy scaffold for every server in your MCP config.
npx -y @policylayer/intercept init