Hardproof security guide

This guide documents the current deterministic-only Security dimension. It is not a penetration test, not a red-team report, and not a substitute for manual security review.

Deterministic-only stance

Hardproof Security is designed to produce findings that you can rerun and defend. It uses fixed probes and pattern checks and emits machine-readable evidence in the scan report.

What Security checks today

Transport and auth exposure: whether a remote HTTP endpoint is reachable without TLS and whether it responds without an auth challenge.
Host/Origin guard behavior: whether a remote endpoint accepts mismatched Host and Origin headers (DNS rebinding surface).
Descriptor drift: whether repeated tools/list results are stable.
Injection patterns: heuristic pattern matches in tool metadata that increase prompt-injection surface.
Command-risk surface: heuristic pattern matches for command-execution-adjacent terms in tool metadata and schemas that deserve manual review.
Descriptor bloat: oversized tool descriptors that increase review burden and expand the injection surface.

How to interpret findings

Hard checks (transport/auth exposure and Host/Origin guard behavior) are strong signals about a concrete surface area.
Heuristic checks (injection/command-risk patterns, descriptor bloat) are review prompts. They flag places where a human should look, not confirmed vulnerabilities.

What Security does not claim

Deep exploitation, adversarial chaining, or vulnerability confirmation.
Non-deterministic fuzzing, load testing, or “LLM judge” evaluations.
A guarantee that a server is secure because a scan produced no findings.

How to use Security findings

Treat findings as review prompts: each code is a concrete place to inspect.
Prefer fixes that reduce surface area: shorten descriptors, remove imperative instructions from tool metadata, and keep schema examples minimal.
Use hardproof explain <CODE> and docs_ref links to understand what was detected and what to change.