High-risk tools in Selenium
14 of the 27 tools in Selenium are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
alertExecuteHandle browser alert/confirm/prompt dialogs. Actions: accept, dismiss, get_text, send_text.
-
clickExecuteClick a DOM element by CSS selector.
-
create_sessionExecuteCreate a new browser session. Defaults to Chrome headless.
-
execute_jsExecuteExecute JavaScript in the browser and return the result.
-
frameExecuteSwitch focus to a frame or back to the main page. Actions: switch, default.
-
intercept_requestsExecuteRegister a URL pattern for network interception (log or block).
-
navigate_backExecuteGo back in browser history.
-
navigate_forwardExecuteGo forward in browser history.
-
open_pageExecuteNavigate the browser to a URL.
-
press_keyExecutePress a keyboard key (e.g. Enter, Tab, Escape). Optionally target a specific element.
-
type_textExecuteClear an input and type text into it.
-
wait_forExecuteWait until a CSS selector is visible on the page.
-
wait_for_dom_stableExecuteWait until the DOM stops mutating (smart wait for AJAX content).
-
windowExecuteManage browser windows and tabs. Actions: list, switch, switch_latest, close.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.