
meshmapper Operator Guide

meshmapper turns saved artifacts into deterministic graph hypotheses. Operationally, it answers: what should I attack next? It does not prove security impact.

Core Workflow

  1. Collect Seam transcripts and optional discovery/config artifacts.
  2. Run meshmapper ingestion.
  3. Inspect graph.json and paths.json.
  4. Choose a Seam rule or bind a hypothesis to an Assay case when validation is needed.

python3 -m meshmapper.cli \
  --transcript seam-transcript.json \
  --agent-card agent-card.json \
  --graph graph.json \
  --out paths.json \
  --schema ../schema

Inputs

meshmapper accepts:

  • one or more Seam transcripts
  • A2A Agent Cards
  • MCP tools/list outputs
  • aipostex endpoint output
  • static orchestration configs

Inputs are read from files only. meshmapper does not crawl targets or execute frameworks.

Hypotheses

Current hypothesis classes:

  • privilege_laundering
  • confused_deputy
  • injection_propagation
  • trust_spoof

Every hypothesis is emitted with proven: false. Use it to decide what Seam should target next or what Assay should validate.
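A pre-handoff check for the invariant above, added here as an example and not part of meshmapper: it rejects any entry whose class is not one of the four listed or whose proven field is anything other than false, so an unvalidated hypothesis cannot be passed on as a confirmed finding. The file layout (a top-level hypotheses list with id, class and proven keys) and the function name check_hypotheses are assumptions; consult the schema directory for the real field names.

```python
import json
from collections import Counter

# Hypothesis classes listed in this guide.
KNOWN_CLASSES = {
    "privilege_laundering",
    "confused_deputy",
    "injection_propagation",
    "trust_spoof",
}

# Constructed sample. The layout (a top-level "hypotheses" list with "id",
# "class" and "proven" keys) is an assumption, not meshmapper's schema.
SAMPLE_PATHS = json.dumps({
    "hypotheses": [
        {"id": "h1", "class": "confused_deputy", "proven": False},
        {"id": "h2", "class": "trust_spoof", "proven": False},
        {"id": "h3", "class": "trust_spoof", "proven": True},
        {"id": "h4", "class": "lateral_move", "proven": False},
        {"id": "h5", "class": "injection_propagation"},
    ]
})


def check_hypotheses(paths_text):
    """Return (per-class counts of clean entries, list of problems)."""
    doc = json.loads(paths_text)
    counts, problems = Counter(), []
    for i, hyp in enumerate(doc.get("hypotheses", [])):
        hid = hyp.get("id", f"#{i}")
        cls = hyp.get("class")
        if cls not in KNOWN_CLASSES:
            problems.append(f"{hid}: unknown class {cls!r}")
            continue
        # `proven` must be present and exactly False; a missing key or a
        # truthy value means the file was edited or is not meshmapper output.
        if hyp.get("proven") is not False:
            problems.append(f"{hid}: proven is {hyp.get('proven')!r}, expected False")
            continue
        counts[cls] += 1
    return dict(counts), problems


if __name__ == "__main__":
    counts, problems = check_hypotheses(SAMPLE_PATHS)
    print("unvalidated hypotheses per class:", counts)
    for p in problems:
        print("REJECT", p)
```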

Handoff To Seam Or Assay

For operations, translate the path into a Seam rule or a routing choice. For validation, use explicit hypothesis binding when turning a path into a case. The binding supplies concrete routes, variables, and oracle configuration; meshmapper does not invent payloads or validation routes by itself.