High-risk tools in Search
4 of the 8 tools in Search are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
browser_clickExecuteClick an element by snapshot ref (e.g., 's1e5' for main frame or 's1f2e10' for iframe elements). Returns: (1) shortened YAML snapshot text, (2) base64 PNG screenshot, (3) base64...
-
browser_navigateExecuteNavigate the browser tab: open a URL, move browser history, or create a new tab. Pass 'target' as a URL/domain (https added if missing), 'back'/'forward' for history, or 'new' t...
-
browser_tab_switchExecuteSwitch the current browser automation to a different tab by its ID. Get available tab IDs from browser_tabs tool. The switched tab becomes the active tab for subsequent browser ...
-
browser_typeExecuteFocus an element by snapshot ref (e.g., 's1e5' for main frame or 's1f2e10' for iframe elements), type text/keys. Returns: (1) shortened YAML snapshot text, (2) base64 PNG screen...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.