High-risk tools in Ssakone Pocketbase
3 of the 20 tools in Ssakone Pocketbase are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
authenticate_adminExecuteAuthenticate with PocketBase as an admin user. Admin credentials provide full access to all collections, users, and settings.
-
authenticate_userExecuteAuthenticate with PocketBase as a regular user. User permissions are determined by collection access rules.
-
send_custom_requestExecuteSend raw HTTP requests to PocketBase API endpoints. Supports any authenticated user (admin or regular user) and maintains session state.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.