From d15cabee201f2842b92534e3f72cc9254dc1e5f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rub=C3=A9n=20De=20la=20Torre=20Vico?= <ruben@prowler.com>
Date: Wed, 25 Feb 2026 16:42:13 +0100
Subject: [PATCH] feat(ui): add attack paths tools to Lighthouse allowed list
 (#10175)

---
 ui/CHANGELOG.md               | 1 +
 ui/lib/lighthouse/workflow.ts | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/ui/CHANGELOG.md b/ui/CHANGELOG.md
index 738dbc5bd6..6a0729ce23 100644
--- a/ui/CHANGELOG.md
+++ b/ui/CHANGELOG.md
@@ -10,6 +10,7 @@ All notable changes to the **Prowler UI** are documented in this file.
 - PDF report available for the CSA CCM compliance framework [(#10088)](https://github.com/prowler-cloud/prowler/pull/10088)
 - Cloudflare provider support [(#9910)](https://github.com/prowler-cloud/prowler/pull/9910)
 - CSV and PDF download buttons in compliance views [(#10093)](https://github.com/prowler-cloud/prowler/pull/10093)
+- Attack Paths tools added to Lighthouse AI workflow allowed list [(#10175)](https://github.com/prowler-cloud/prowler/pull/10175)
 
 ### 🔄 Changed
 
diff --git a/ui/lib/lighthouse/workflow.ts b/ui/lib/lighthouse/workflow.ts
index 1a3fb7a316..bc27b7fe4d 100644
--- a/ui/lib/lighthouse/workflow.ts
+++ b/ui/lib/lighthouse/workflow.ts
@@ -80,6 +80,10 @@ const ALLOWED_TOOLS = new Set([
   "prowler_app_list_resources",
   "prowler_app_get_resource",
   "prowler_app_get_resources_overview",
+  // Attack Paths
+  "prowler_app_list_attack_paths_queries",
+  "prowler_app_list_attack_paths_scans",
+  "prowler_app_run_attack_paths_query",
 ]);
 
 /**