Server
The TapPass server is a FastAPI application that acts as a governance proxy between AI agents and LLM providers. Every request is scanned, classified, and logged before reaching the LLM.
Start the server
Section titled “Start the server”tappass up # interactive setup wizardtappass quickstart # start + register agent + print codeSections
Section titled “Sections”| Page | Description |
|---|---|
| Configuration | Environment variables and production settings |
| Pipeline | 49-step governance engine |
| API | REST API reference |
| Identity & Auth | SPIFFE, SSO, RBAC |
| Policy Engine | OPA/Rego policy model |
| Dashboard | CISO dashboard |
| Threat Model | Security architecture |
| Red Team Report | 119 attacks, 0 bypasses |
| OWASP Mapping | ASI01–ASI10 full coverage |
| MCPSecBench | 14/17 attack categories blocked |
Architecture
Section titled “Architecture”Agent → TapPass Proxy → Pipeline (49 steps) → LLM / Tool ↓ Audit Trail (hash-chained) Capability Token (Ed25519) OPA Policy Engine (Rego)