Simulator
The simulator lets you model privilege escalation attacks against your agent's tool configuration before deploying to production.
Privilege escalation
The simulator chains tool calls to test whether an attacker can escalate from a low-privilege starting point to a high-privilege action. Attack paths are visualized as directed graphs showing each tool call and the privilege level gained.
curl -X POST https://api.orithos.dev/v1/simulate \
  -H "Authorization: Bearer {api_key}" \
  -H "Content-Type: application/json" \
  -d '{
    "starting_tools": ["read_file"],
    "target_action": "write_system_config",
    "agent_config": { "model": "gpt-4o", "provider": "openai" }
  }'

Guardrails
Define guardrails that control which tool combinations are allowed. The simulator tests guardrail enforcement by attempting to bypass them.
Allow rules
Explicitly permit specific tool-to-tool transitions. Useful for approved escalation paths.
Deny rules
Block specific tool transitions or tool+argument combinations. Deny rules override allow rules.
Tool risk graph
Each registered MCP tool is assigned a risk level (low, medium, high, critical) based on its capabilities. The simulator uses these risk levels to prioritize attack paths and highlight the most dangerous tool combinations. Tools that can execute system commands or modify files are automatically marked high or critical.
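As an added illustration (not Orithos's own code), the following Python models the guardrail check and path search described above: deny rules override allow rules, a deny rule may match a tool transition alone or a transition plus an argument value, and the search returns the shortest permitted chain from a starting tool to the target action, with the peak risk level on that chain available for ranking. The tool names, risk assignments, transitions and the default-deny treatment of transitions that have no allow rule are constructed assumptions.

```python
from collections import deque

# Constructed example, not the product's own code: a small tool registry using
# the four risk levels the page names, and the transitions a simulator would chain.
RISK_ORDER = ["low", "medium", "high", "critical"]
TOOLS = {                      # tool -> risk level (constructed values)
    "read_file": "low",
    "list_dir": "low",
    "run_shell": "critical",
    "write_system_config": "critical",
}
TRANSITIONS = {                # tool -> tools its output could be fed into
    "read_file": ["list_dir", "run_shell"],
    "list_dir": ["read_file", "run_shell"],
    "run_shell": ["write_system_config"],
}

def transition_allowed(src, dst, allow, deny, args):
    """Default-deny (assumed): the edge needs an allow rule and must match no deny rule.
    Deny rules are (src, dst) or (src, dst, argument_substring); deny overrides allow."""
    for rule in deny:
        if rule[:2] != (src, dst):
            continue
        if len(rule) == 2 or rule[2] in args.get(dst, ""):
            return False
    return (src, dst) in allow

def find_escalation(start, target, allow, deny, args=None):
    """Breadth-first search over permitted transitions; returns the shortest
    attack path as a list of tools, or None when the guardrails block every chain."""
    args = args or {}
    queue = deque([[start]])
    seen = {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in TRANSITIONS.get(path[-1], []):
            if nxt in seen or not transition_allowed(path[-1], nxt, allow, deny, args):
                continue
            seen.add(nxt)
            queue.append(path + [nxt])
    return None

def peak_risk(path):
    """Highest risk level reached on a path, used to rank which chains to report first."""
    return max((TOOLS[t] for t in path), key=RISK_ORDER.index)
```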