Clampd MCP Proxy

Allowed 2
Blocked 1
Flagged 0
Errors 0
Total 3
Threat Rate 33.3%
Rules Fired 2
Avg Latency 941ms
Gateway: http://ag-gateway:8080  |  Agent: b0000001-0000-0000-0000-000000000001  |  Port: 3008
Session Duration: 17m 23s
Avg Risk: 0.37
Unique Tools (3): read_file, list_allowed_directories, list_directory
Top Rules: R008 (1), R061 (1)
Demo Attacks:
- SQL Injection: DROP TABLE users via database.query
- Path Traversal: ../../etc/passwd via read_file
- Prompt Injection: IGNORE ALL INSTRUCTIONS via write_file
- SSRF: 169.254.169.254 metadata via http_request
- Reverse Shell: #!/bin/bash >& /dev/tcp/ via write_file
- Schema Injection: <functions> XML tag injection
- Encoded Attack: Base64-encoded rm -rf /
- Safe Call: Normal read_file /tmp/report.txt
Time Tool Status Risk Rules Latency Reason
23:11:46.045 list_directory ALLOWED 0.10 1183ms -
  Action: pass
  Reasoning: No rules matched — classified as safe
  Scope Granted: data:read:query data:pii:query data:file:read
  Degraded Stages: license
  Descriptor Hash: eeafd35dbbbc3360...
  { "path": "/var/db" }
23:10:49.063 list_allowed_directories ALLOWED 0.10 1559ms -
  Action: pass
  Reasoning: No rules matched — classified as safe
  Scope Granted: data:read:query data:pii:query data:file:read
  Degraded Stages: license
  Descriptor Hash: 6d21435ebcae64cf...
22:54:22.702 read_file BLOCKED 0.92 R008, R061 82ms [input-scan] Risk score 0.92 exceeds threshold
  Descriptor Hash: 5b30a62079f77213...
  { "path": "/etc/passwd" }
# Clampd MCP Proxy Security Report
**Agent:** b0000001-0000-0000-0000-000000000001 | **Gateway:** http://ag-gateway:8080
**Generated:** 2026-03-22T01:11:43.807Z

## Summary
- Allowed: 2 | Blocked: 1 | Flagged: 0
- Threat Rate: 33.3%
- Avg Latency: 941ms
- Total Calls: 3

## Rules Triggered
| Rule | Count |
|------|-------|
| R008 | 1 |
| R061 | 1 |

## Blocked Calls
| Time | Tool | Risk | Rules | Reason |
|------|------|------|-------|--------|
| 22:54:22 | read_file | 0.92 | R008, R061 | [input-scan] Risk score 0.92 exceeds threshold |
[
  {
    "timestamp": "2026-03-21T22:54:22.702Z",
    "tool": "read_file",
    "params": "{\"path\":\"/etc/passwd\"}",
    "status": "blocked",
    "risk_score": 0.92,
    "latency_ms": 82,
    "reason": "[input-scan] Risk score 0.92 exceeds threshold",
    "matched_rules": [
      "R008",
      "R061"
    ],
    "descriptor_hash": "5b30a62079f77213ba486dd072be573612a272ab1fb6de6e94f266cab612e50f"
  },
  {
    "timestamp": "2026-03-21T23:10:49.063Z",
    "tool": "list_allowed_directories",
    "params": "{}",
    "status": "allowed",
    "risk_score": 0.1,
    "latency_ms": 1559,
    "matched_rules": [],
    "action": "pass",
    "reasoning": "No rules matched — classified as safe",
    "session_flags": [],
    "scope_granted": "data:read:query data:pii:query data:file:read",
    "degraded_stages": [
      "license"
    ],
    "descriptor_hash": "6d21435ebcae64cfba70464b0b5eafc48ee09d50d2d0286a3fb8f538e16ccd32"
  },
  {
    "timestamp": "2026-03-21T23:11:46.045Z",
    "tool": "list_directory",
    "params": "{\"path\":\"/var/db\"}",
    "status": "allowed",
    "risk_score": 0.1,
    "latency_ms": 1183,
    "matched_rules": [],
    "action": "pass",
    "reasoning": "No rules matched — classified as safe",
    "session_flags": [],
    "scope_granted": "data:read:query data:pii:query data:file:read",
    "degraded_stages": [
      "license"
    ],
    "descriptor_hash": "eeafd35dbbbc336031b285dcfcb7513353e3b77906b513db73b38689f6188a39"
  }
]