Back to Glossary
PROTO

Per-Action Verification Model

never trust always verifyagentic security posturecontinuous verification

The per-action verification model treats each routed tool call as an independent authorization event, rejecting the assumption that trust persists across actions.

WHY SESSION TRUST IS INSUFFICIENT

Traditional session-based security assumes a principal remains legitimate. AI agents invalidate this: a Prompt Injection attack mid-session can redirect an agent toward unauthorized actions. Per-action verification is required.

PROTOCOL CONTEXT (VEX PROTOCOL / MCPVANGUARD)

McpVanguard and VEX implement per-action verification. In McpVanguard's hosted (SSE/HTTP) mode, each tool call carries its own authorization context. In local stdio mode, enforcement is deterministic but does not include authentication.

ProvnAI Mitigation

McpVanguard enforces per-action verification at low latency. Each tool call is inspected against the active rule set independently, making the proxy robust against session hijack attempts.