High-risk tools in Algorithmaide
5 of the 23 tools in Algorithmaide are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
run_verified_workflowExecuteRun the minimal verified loop: stop apps, write state, start AlgorithmAide, sync LSPosed, then optionally launch the target.
-
inject_frida_scriptExecuteEnable one Frida script for a target package and sync config, AppSwitch, and LSPosed in one step.
-
add_custom_hooksExecuteAdd or replace custom hook entries, then sync config, AppSwitch, LSPosed, and optionally relaunch the target.
-
add_r0capture_hooksExecuteGenerate the built-in r0capture-style network hooks and apply them with the verified workflow.
-
apply_hook_profileExecuteLoad a saved profile and apply it with the verified workflow.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.