High-risk tools in Lockstep
5 of the 43 tools in Lockstep are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
command_runExecuteRun a shell command
-
dashboard_openExecuteOpen the lockstep dashboard in a browser. Call this to monitor progress visually.
-
launch_implementerExecuteLaunch a new implementer agent (Claude or Codex) in a new terminal window. The planner uses this to spawn workers. Set isolation=
-
tool_installExecuteInstall a tool using a package manager
-
worktree_mergeExecuteMerge an implementer
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.