Seam Field Console¶
Seam is the live offensive instrument. Use it when you want traffic to cross a known listener, see decoded A2A/MCP/HTTP records, apply rules, and confirm what changed before the target receives it.
Live Proxy Run¶
python3 -m ait.cli operate proxy \
--upstream http://127.0.0.1:8500 \
--rules agentic-redteam/seam/rules \
--expect-rule l6_content_rewrite_authorized_refund \
--expect-min-rewrites 1 \
--fail-if-no-rewrite \
--serve
What good looks like:
- traffic rows appear while requests cross the Seam listener;
- the expected rule has at least one match and rewrite;
- the touched decoded path names the field changed by the rule;
- the latest hash advances as records are written;
summary-jsonrecords the live counters for later cockpit review.
Cockpit Checks¶
Open the Operate and Seam tabs.
- Operate shows the mitm-style traffic feed: flow, protocol, direction, operation, status, rule, and before/after summary.
- Seam shows the exact command, listener, upstream, rule pack, counters, rewrite timeline, expected-rule status, and parsed trace/test/tail/inspect/verify diagnostics.
- Selecting a rule filters traffic to matching records.
- Selecting a rewrite jumps to the message diff.
Cockpit Diagnostics¶
The Diagnostics section stores bounded Seam actions under
workbench/actions/seam/ and renders parsed summaries in the cockpit:
trace: matched records, missed rules, miss reasons, touched decoded paths, and clickable seq rows.test: fixture path, expected rule, matched rule, and touched decoded paths.tail: bounded recent transcript rows, equivalent toseam session tail.inspect: record count, protocol/kind counts, rules applied, latest hash, and decoded key summaries.verify: schema/hash-chain status, first failure when present, and latest valid hash.
Typical loop:
- Rule missed in the live counters.
- Run trace from the cockpit.
- Click the missed record and inspect the decoded path in Message.
- Run test with a fixture once the rule path is corrected.
- Rerun the proxy and finish with inspect and verify.
Terminal Follow-Ups¶
seam session tail --transcript .ait/runs/<run>/transcripts/proxy.json --follow
seam rules trace \
--rules agentic-redteam/seam/rules \
--transcript .ait/runs/<run>/transcripts/proxy.json \
--json
seam transcript inspect \
--transcript .ait/runs/<run>/transcripts/proxy.json \
--schema agentic-redteam/schema/transcript.schema.json \
--decoded
Use Assay only if you need impact validation. Seam does the live operation.