High-risk tools in Scrumdo
11 of the 93 tools in Scrumdo are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
approve_agent_planExecuteApprove a run's plan; transitions awaiting_approval → executing.
-
cancel_agent_runExecuteCancel an in-flight run.
-
check_spec_driftExecuteRun the drift check on the card's latest PR + return the report.
-
pause_loopExecutePause a loop — stop dispatching new runs (an in-flight run finishes;
-
resume_loopExecuteResume a paused or escalated loop — re-enter the driver.
-
route_to_agentExecuteDelegate a loop task type ('plan'|'implement'|'verify'|'integrate') to
-
run_verifierExecuterun_verifier
-
start_agent_runExecutestart_agent_run
-
start_loopExecutestart_loop
-
start_verification_loopExecutestart_verification_loop
-
verify_behavior_contractExecuteRun the behavior-verification check + return the report.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.