High-risk tools in Byob
18 of the 33 tools in Byob are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- browser_emulate_device (Execute): Emulate a device viewport. Use
- browser_eval (Execute): Run arbitrary JavaScript in a browser tab via CDP Runtime.evaluate.
- browser_hover (Execute): Move the mouse over the element matching the given CSS selector to trigger
- browser_intercept_start (Execute): Start a request-interception session in a tab. Provide an array of
- browser_intercept_stop (Execute): Stop a
- browser_navigate (Execute): Open a new tab (or reuse a given tabId) and navigate to the URL.
- browser_stop_record_network (Execute): Stop a recording previously started with browser_start_record_network and
- browser_wait_for (Execute): Block until a CSS selector reaches the requested state (visible / hidden / attached / detached).
- browser_go_back (Execute): Go back one step in the browser history of the given tab and wait for the new page
- browser_go_forward (Execute): Go forward one step in the browser history of the given tab and wait for the new
- browser_click (Execute): Click an element matching the given CSS selector in the active browser tab.
- browser_drag (Execute): Drag the mouse from
- browser_press_key (Execute): Send a single keyboard event to the page (e.g. Enter, Escape, Tab, F5, ArrowDown,
- browser_scroll (Execute): Scroll the page to a position, an element, or absolute Y coordinate.
- browser_select (Execute): Choose an <option> in a native <select> by exactly one of value, label, or index.
- browser_switch_tab (Execute): Bring the given tab to the foreground (focus its window + make it active).
- browser_type (Execute): Focus the element matching the selector, then type the given text.
- browser_upload_file (Execute): Upload one or more local files to a
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.