
Score Your First Event

1. Get your API key

Every request requires an X-API-Key header. Use one of the seeded test keys:

Customer            Tier         API Key
Acme Corp           starter      sk-acme-b96cb84498324444
TechStart Inc       pro          sk-tech-d9acb4d86bb04979
Enterprise Global   enterprise   sk-ent-20b322cc26bd4d0e

2. Send an event

curl -X POST https://api-production-56df.up.railway.app/events \
  -H "Content-Type: application/json" \
  -H "X-API-Key: sk-acme-b96cb84498324444" \
  -d '{
    "event_id": "evt-001",
    "action": "mcp:github:pr.create",
    "timestamp": "2026-02-26T10:00:00Z",
    "agent": {
      "agent_id": "code-review-bot",
      "agent_type": "code_review",
      "framework": "langchain",
      "model": "claude-sonnet-4-5-20250929"
    },
    "target": {
      "resource_type": "repository",
      "resource_id": "org/repo-name",
      "sensitivity_level": 2
    },
    "mcp_context": {
      "server_name": "github-mcp",
      "transport": "stdio",
      "is_verified": true,
      "tool_name": "create_pull_request"
    },
    "data_fields_accessed": [
      {"field": "source_code", "classification": "internal"}
    ]
  }'

3. Read the score response

{
  "event_id": "evt-001",
  "status": "scored",
  "score": 12,
  "risk_level": "low",
  "reasoning": "Low-risk code review action on internal repository via verified MCP server.",
  "violations": [],
  "scoring_source": "graph_reasoner",
  "compliance_refs": [],
  "mitigations": [],
  "score_components": [],
  "behavioral_flags": [],
  "graph_score": 12,
  "llm_score": null,
  "llm_fallback": false,
  "confidence": 0.92
}

4. Try a high-risk event

curl -X POST https://api-production-56df.up.railway.app/events \
  -H "Content-Type: application/json" \
  -H "X-API-Key: sk-acme-b96cb84498324444" \
  -d '{
    "event_id": "evt-002",
    "action": "mcp:postgres:query.execute",
    "timestamp": "2026-02-26T03:00:00Z",
    "agent": {
      "agent_id": "sales-bot",
      "agent_type": "sales",
      "framework": "crewai"
    },
    "target": {
      "resource_type": "database",
      "resource_id": "customers_db",
      "sensitivity_level": 4
    },
    "data_fields_accessed": [
      {"field": "email", "classification": "pii"},
      {"field": "ssn", "classification": "pii_sensitive"},
      {"field": "credit_card", "classification": "financial"}
    ],
    "parameters": {
      "query": "SELECT * FROM customers",
      "row_limit": 5000
    }
  }'
This will score significantly higher due to: sensitive PII access, bulk query pattern, off-hours timing (3 AM), and high-sensitivity target.

Action Format

All actions follow the canonical domain:scope:verb format:
mcp:github:pr.create
tool:database:query.execute
data:field:pii_sensitive.access
auth:oauth:token.request
See the Action Taxonomy for the full list.
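
A pre-flight check for event payloads before they are POSTed to /events, as an added example that is not part of the original docs or the project's own code. The action grammar and the set of required keys are assumptions inferred from the samples on this page, and `parse_action`, `check_event` and `SAMPLE` are hypothetical names.

```python
import re
from datetime import datetime

# Assumed grammar, inferred from the sample actions on this page:
# lowercase domain:scope:verb, where the verb may be dotted ("pr.create").
_SEG = r"[a-z][a-z0-9_]*"
ACTION_RE = re.compile(rf"^({_SEG}):({_SEG}):({_SEG}(?:\.{_SEG})*)$")
# Keys present in both sample events; treating them as required is an assumption.
REQUIRED = ("event_id", "action", "timestamp", "agent", "target")

def parse_action(action):
    """Split 'domain:scope:verb' into its three parts or raise ValueError."""
    m = ACTION_RE.match(action) if isinstance(action, str) else None
    if m is None:
        raise ValueError(f"not in domain:scope:verb form: {action!r}")
    return m.groups()

def check_event(event):
    """Return a list of problems found in an event dict (empty list means OK)."""
    problems = [f"missing {k}" for k in REQUIRED if k not in event]
    try:
        parse_action(event.get("action"))
    except ValueError as exc:
        problems.append(str(exc))
    try:
        # Accept the trailing "Z" used in the samples on every Python 3 version.
        ts = datetime.fromisoformat(str(event.get("timestamp")).replace("Z", "+00:00"))
        if ts.tzinfo is None:
            problems.append("timestamp has no UTC offset")
    except ValueError:
        problems.append("timestamp is not ISO 8601")
    target = event.get("target")
    level = target.get("sensitivity_level") if isinstance(target, dict) else None
    if isinstance(level, bool) or not isinstance(level, int):
        problems.append("target.sensitivity_level must be an integer")
    for i, f in enumerate(event.get("data_fields_accessed", [])):
        if not (isinstance(f, dict) and {"field", "classification"} <= set(f)):
            problems.append(f"data_fields_accessed[{i}] needs field and classification")
    return problems

# Constructed sample: a trimmed copy of evt-002 from step 4.
SAMPLE = {
    "event_id": "evt-002", "action": "mcp:postgres:query.execute",
    "timestamp": "2026-02-26T03:00:00Z",
    "agent": {"agent_id": "sales-bot", "agent_type": "sales", "framework": "crewai"},
    "target": {"resource_type": "database", "resource_id": "customers_db", "sensitivity_level": 4},
    "data_fields_accessed": [{"field": "ssn", "classification": "pii_sensitive"}],
}
print(check_event(SAMPLE))
```

The check requires an explicit UTC offset because a timestamp without one leaves the hour of day ambiguous, and the hour is one of the signals the high-risk example is scored on.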

What Happens Under the Hood

  1. The event is validated and persisted to PostgreSQL.
  2. GraphReasoner evaluates it through a 4-layer pipeline (< 50 ms).
  3. If confidence < 0.8, Memgraph RAG retrieves compliance articles and the LLM extends the analysis.
  4. The score response is returned with full decomposition.