Expand description
§T-Ron — MCP Security Monitor
T-Ron (the security program that fights the MCP) provides real-time monitoring, auditing, and threat detection for MCP tool calls across the AGNOS ecosystem.
§Architecture
Agent → bote (MCP protocol) → t-ron (security gate) → tool handler
├── policy check
├── rate limiting
├── payload scanning
├── pattern analysis
└── audit logging (libro)Modules§
- audit
- Audit logger — logs every tool call verdict.
- gate
- Security gate — core types for tool call checking.
- middleware
- Security middleware — wraps bote’s Dispatcher with t-ron’s security gate.
- pattern
- Pattern analyzer — anomaly detection on tool call sequences.
- policy
- Tool policy engine — per-agent ACLs.
- query
- Query API — what T.Ron personality in SecureYeoman queries.
- rate
- Rate limiter — per-agent, per-tool token bucket.
- scanner
- Payload scanner — injection detection in tool parameters.
- score
- Agent risk scoring — rolling threat score per agent.
- tools
- MCP tools — t-ron’s own tools registered with bote for security queries.
Structs§
- TRon
- Top-level MCP security monitor.
- TRon
Config - Configuration for t-ron.
Enums§
- Default
Action - Default action for unmatched requests.
- TRon
Error