Security Control Verification

Source: app.qpoint.io/security/policies/pol-701 — POL-701: Independent verification that agent traffic is governed

Security Control Verification

v1

Independently verify that every outbound agent connection was evaluated by the security stack. Connections without governance receipts are flagged as ungoverned.

Last Updated2026-05-02
RegulationsIndependent Verification
Flows Governed
1.2
k

Compliance
94
%

Violations
3

Governance Receipt Stream
Last 60 minutes
14:31:42 UTCcursor-agent-7f3aapi.anthropic.comPOL-002
14:31:45 UTCclaude-code-a1b2api.anthropic.comPOL-002
14:31:51 UTCcopilot-agent-c3d4api.openai.comPOL-002
14:31:58 UTCcursor-agent-7f3aapi.anthropic.comPOL-002
14:32:07 UTCcursor-agent-7f3abackboard.railway.appUNGOVERNED
14:32:12 UTCclaude-code-a1b2api.anthropic.comPOL-002
14:32:19 UTCcopilot-agent-c3d4api.openai.comPOL-002
14:32:24 UTCops-agent-b2c1mcp.internal.acme.comPOL-002, POL-301
Ungoverned Connection — Investigation

backboard.railway.app

GraphQL API — Infrastructure Management

UNGOVERNED
Agent

cursor-agent-7f3a

User

jer@..com

Destination

backboard.railway.app:443

Protocol

HTTPS (GraphQL POST)

Time

Apr 25, 2026 — 14:32:07 UTC

Session Trust Score

35 (Low)

Gap Analysis — Why was this ungoverned?

POL-002 — Destination allowlist did not evaluate — connection bypassed proxy (split-tunnel VPN)
POL-103 — Data residency check did not fire — no proxy interception
POL-001 — Credential redaction fired on file read (token was redacted)
POL-005 — Trust score dropped to 35 after credential file read + external connection attempt
POL-701 — Detected missing governance receipt — flagged as UNGOVERNED
Governance Coverage

on_file_read

Agent file access

2active policies

on_net_connect

Outbound connections

3active policies

on_command_exec

Shell & API calls

2active policies

on_llm_request

LLM API requests

4active policies

on_mcp_connect

MCP server handshake

1active policies

on_mcp_tool_call

MCP tool invocation

2active policies

on_mcp_response

MCP tool results

1active policies

on_content_ingest

External content

1active policies

on_url_fetch

Web content fetch

0active policies

on_agent_start

Session initiation

2active policies

on_session_tick

Periodic evaluation

2active policies

continuous

Every agent action

3active policies
Ungoverned Connection History
Source
Dataflow
Destination
Violation
Action
Time
cursor-agent-7f3a
Infrastructure
!
backboard.railway.app
Ungoverned — no policy evaluated this connection
Blocked
Apr 25, 2:32 PM
ops-agent-b2c1
Infrastructure
!
api.machines.dev
Ungoverned — bypassed proxy via direct IP
Blocked
Apr 28, 9:14 AM
dev-agent-e5f6
Database
!
db-admin.internal:5432
Ungoverned — non-HTTP protocol, no hook coverage
Blocked
May 1, 11:02 AM
Notifications
Condition :
Action :
Throttling :