High-risk tools in DrissionPageMCP
14 of the 37 tools in DrissionPageMCP are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
new_tabExecute用DrissionPage 控制的浏览器,打开新标签页并 打开一个网址
-
response_received_listener_stopExecute关闭监听网页发送的数据包
-
run_cdpExecute在当前标签页中运行谷歌CDP协议代码并获取结果 Args: cmd: CDP协议命令 **cmd_args: CDP命令参数 Returns: Any: CDP命令执行结果 Note: 举例1说明 run_cdp('P...
-
run_jsExecuterun_js
-
waitExecute网页等待a秒
-
arrow_downExecute向当前标签页发送按键 arrow_down
-
arrow_upExecute向当前标签页发送按键 arrow_up
-
on_cdp_eventExecute设置监听CDP事件 应该先运行cdp 命令 激活对应的域,比如 Network.enable
-
page_downExecute向当前标签页发送按键 page_down
-
page_upExecute向当前标签页发送按键 page_up
-
response_received_listenerExecuteresponse_received_listener
-
connect_or_open_browserExecute用DrissionPage 打开或者接管已打开的浏览器,参数通过字典传递。如果url不为空则打开指定网址。 参数: params (dict): 包含以下可选键的字典: - url (str, 可选): 要打开的网址。如果未提供则不自动打开页面。 - debug_port (in...
-
element_clickExecute通过xpath点击标签页中某个元素,最好先判断元素是否存在
-
send_enterExecute向当前页面发送 enter 回车键
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.