Runtime Monitoring

For the full runtime monitoring deployment guide, see the dedicated doc.

Overview

The runtime proxy (agent-bom proxy) intercepts MCP JSON-RPC messages between client and server, providing:

• JSONL audit logging of all tool calls
• 7-detector anomaly engine (tool drift, argument analysis, credential leak, rate limiting, sequence analysis, response inspector, vector DB injection)
• Policy enforcement with block/allow rules
• Prometheus metrics on port 8422
• Optional visual leak detection for image and screenshot responses

Deployment modes

Mode	Command	Use case
Local sidecar	agent-bom proxy -- npx server	Dev/testing
Docker sidecar	See Docker	Production
K8s sidecar	See Kubernetes	Fleet
Optional node-wide monitor	Helm monitor.enabled=true	Broad runtime coverage only when a team explicitly accepts a DaemonSet
Config watcher	agent-bom watch	Drift alerting

The node-wide monitor is:

• optional
• off by default
• not required for scan/discovery, fleet, gateway, or selected sidecar proxy rollout
• the highest-trust runtime shape, so it should be enabled only when the operator wants per-node runtime coverage

Alert routing

The watch command supports webhook alerts to:

• Slack
• Microsoft Teams
• PagerDuty
• Custom webhook URLs

agent-bom watch --webhook-url https://hooks.slack.com/... --watch-interval 60

Operator guides

• Visual Leak Detection
• Worker and Scheduler Concurrency
• Gateway Auto-Discovery From the Control Plane