meshmapper Operator Guide¶
meshmapper turns saved artifacts into deterministic graph hypotheses. Operationally, it answers: what should I attack next? It does not prove security impact.
Core Workflow¶
- Collect Seam transcripts and optional discovery/config artifacts.
- Run meshmapper ingestion.
- Inspect
graph.jsonandpaths.json. - Choose a Seam rule or bind a hypothesis to an Assay case when validation is needed.
python3 -m meshmapper.cli \
--transcript seam-transcript.json \
--agent-card agent-card.json \
--graph graph.json \
--out paths.json \
--schema ../schema
Inputs¶
meshmapper accepts:
- one or more Seam transcripts
- A2A Agent Cards
- MCP
tools/listoutputs - aipostex endpoint output
- static orchestration configs
Inputs are read from files only. meshmapper does not crawl targets or execute frameworks.
Hypotheses¶
Current hypothesis classes:
privilege_launderingconfused_deputyinjection_propagationtrust_spoof
Every hypothesis is emitted with proven: false. Use it to decide what Seam should target next or what Assay should validate.
Handoff To Seam Or Assay¶
For operations, translate the path into a Seam rule or a routing choice. For validation, use explicit hypothesis binding when turning a path into a case. The binding supplies concrete routes, variables, and oracle configuration; meshmapper does not invent payloads or validation routes by itself.