What is Response Validation?
Checking MCP tool responses against expected schemas or patterns before passing them to the agent. Response validation catches malformed, unexpected, or suspicious responses that could indicate server errors, data corruption, or malicious tampering.
WHY IT MATTERS
An agent trusts the responses it receives from tool calls. If a tool returns malformed data, the agent may hallucinate interpretations. If a tool returns unexpected data types, the agent may crash or behave unpredictably. Response validation ensures the data reaching the agent conforms to expectations.
This is especially important when MCP servers are third-party or community-maintained. A server update might change its response format without warning. A bug might cause it to return error messages where data is expected. Response validation catches these issues at the proxy layer, providing a stable contract between server and agent.
Response validation also serves as a security control. A compromised MCP server might return carefully crafted responses designed to manipulate the agent — injecting instructions disguised as data. By validating response structure and content against expected schemas, the proxy can detect anomalies before they reach the agent's context window.
HOW POLICYLAYER USES THIS
Intercept supports response validation rules in YAML policies. After receiving a response from the upstream MCP server, Intercept validates it against configured schemas — checking data types, required fields, value ranges, and maximum sizes. Responses that fail validation can be blocked, sanitised, or flagged in the audit trail depending on the policy configuration.