High-risk tools in Cnc Fluidnc
12 of the 27 tools in Cnc Fluidnc are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
cycle_resumeExecuteResume machine motion after a feed hold. Sends
-
feed_holdExecutePause machine motion immediately (feed hold). Sends
-
go_to_zeroExecuteMove to work coordinate zero. Raises Z to safe height first, then moves XY, then lowers Z.
-
home_axesExecuteRun homing cycle. Homes all axes by default, or specify individual axes.
-
jogExecuteJog the CNC machine along an axis by a specified distance at a given feed rate. Uses incremental mode ($J=G91).
-
run_gcode_programExecuteSend a multi-line G-code program to the machine, one line at a time. Requires confirm=true.
-
run_macroExecuteExecute a saved macro. Shows preview first; set confirm=true to run. Parameters can override defaults.
-
run_sd_fileExecuteRun a G-code file from the CNC controller
-
send_gcodeExecuteSend a single G-code or Grbl command to the CNC machine. Safety level is auto-classified. DANGEROUS/CRITICAL commands require confirm=true.
-
soft_resetExecuteEmergency stop — soft reset the controller (0x18). Stops all motion and spindle immediately. Requires confirm=true.
-
spindle_controlExecuteControl the spindle: turn on (CW/CCW with speed) or off. Turning on requires confirm=true.
-
unlock_machineExecuteClear alarm state and unlock the machine ($X). Use after an alarm condition.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.