Returns NDJSON (one JSON object per line) of audit log entries. Each entry records the operation called, the identity, hashes of the request and response, duration, and an Ed25519 signature over the canonical entry JSON. Entries are hash-chained: each entry's prev_entry_hash is SHA-256 of the pre...
Risk signalsBulk/mass operation — affects multiple targets · Admin/system-level operation
Part of the TunnelMind Data API server.
Free to start. No card required.
AI agents use audit_export to create or modify resources in TunnelMind Data API. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call audit_export repeatedly, creating or modifying resources faster than any human could review. PolicyLayer's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach TunnelMind Data API.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
{
"version": "1",
"default": "deny",
"tools": {
"audit_export": {
"limits": [
{
"counter": "audit_export_rate",
"window": "minute",
"max": 30,
"scope": "grant"
}
]
}
}
}See the full TunnelMind Data API policy for all 54 tools.
These attack patterns abuse exactly the kind of access audit_export gives an agent. Each links to the full case and the policy that stops it:
Other write tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Returns NDJSON (one JSON object per line) of audit log entries. Each entry records the operation called, the identity, hashes of the request and response, duration, and an Ed25519 signature over the canonical entry JSON. Entries are hash-chained: each entry's prev_entry_hash is SHA-256 of the previous entry's signature, making deletion of any entry detectable offline. Authenticated callers receive only their own entries (identity_sub match). Admin key holders receive all entries. Use this tool when: - You want a tamper-evident record of your own API calls. - You are auditing a sequence of requests for compliance or debugging. - You want to verify the audit chain integrity offline. Do NOT use this tool when: - You are anonymous — authentication is required. - You want task status — use get_task instead. Inputs: - from (query, optional): ISO 8601 start datetime. Default: 7 days ago. - to (query, optional): ISO 8601 end datetime. Default: now. - limit (query, optional): Max entries. 1–5000, default 1000. Returns: - NDJSON stream, one AuditEntry per line. - X-Total-Count response header with entry count. - X-Took-Ms response header. Verify the chain offline: - For each consecutive pair (A, B): SHA-256(A.signature) == B.prev_entry_hash. - For each entry: verify Ed25519 signature against public key in /.well-known/atap.json. Cost: - Counts as one request against the daily limit. Latency: - Typical: <300ms for 1000 entries, p99: <1s.. It is categorised as a Write tool in the TunnelMind Data API MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Register the TunnelMind Data API MCP server in PolicyLayer and add a rule for audit_export: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches TunnelMind Data API. Nothing to install.
audit_export is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the audit_export rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for audit_export. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
audit_export is provided by the TunnelMind Data API MCP server (https://mcp-data.tunnelmind.ai/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 54 TunnelMind Data API tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.