Agent Tool Gateway

Public-safe gateway calls are limited to registered trusted targets and read-only discovery or MCP introspection methods. Protected execution is guarded by PLATPHORM_API_KEY.

Status

Gateway/proxy execution state

degradedactive_for_trusted_discovery_artifacts_and_read_only_mcp_methodsguarded_by_PLATPHORM_API_KEY

Trusted Targets

Only registered targets are eligible.

*.platphormnews.commcp.platphormnews.com*.ph3ar.comascii.platphormnews.com

Blocked Targets

SSRF and private-target guardrails.

localhostprivate-ip-ranges127.0.0.0/810.0.0.0/8172.16.0.0/12192.168.0.0/16link-localmetadata-servicesmetadata servicesfile://ftp://gopher://URLs with embedded credentialsuntrusted external domainsredirects to blocked targets

auth

Public-safe read calls can be described and validated. Mutating/protected downstream calls require PLATPHORM_API_KEY.

secretHandling

PLATPHORM_API_KEY is never forwarded unless a trusted target operation explicitly requires and allows it.

tracePropagation

traceparent, tracestate, X-PlatPhorm-Trace-Id, X-PlatPhorm-Span-Id, X-PlatPhorm-Request-Id

ja4Digest

capture when present, hash/redact for public summaries, never expose raw values publicly