Intercis
✓ Security Validation Report · April 8, 2026

85.1% agentic threat detection
across 10 attack categories. 166/166 tests passing.

47 real attack payloads tested against api.intercis.io — credential exfiltration, data exfiltration, encoded commands, supply chain attacks, container escape, persistence, and more. 48 deny patterns, zero code changes.

intercis.io/validation-report

2-minute security validation · 47 attack payloads · 10 threat categories · api.intercis.io · April 8, 2026

Functional checks 166 / 166 passed

Proxy reachable and healthy Pass
Destructive action (rm -rf) blocked Pass
Block message returned to agent Pass
Safe action (ls) allowed through Pass
Tool call correctly preserved Pass
Plain chat passed through Pass
Unauthenticated request rejected (HTTP 401) Pass
Blocked event visible in dashboard Pass
Allowed event visible in dashboard Pass
Deny verdict recorded in audit log Pass
Allow verdict recorded in audit log Pass
Anthropic SDK client path confirmed Pass
Latency benchmark completed Pass

Latency benchmark

Cross-continental test: client in US East Coast, proxy in Railway europe-west4. Co-located overhead expected: 50–150ms.

Iter Direct Via Proxy Overhead
#1 664ms 1683ms +1019ms
#2 683ms 1306ms +623ms
#3 536ms 997ms +461ms
#4 615ms 1023ms +408ms
#5 534ms 973ms +439ms
Avg 606ms 1196ms +590ms

What this validates

Zero code changes

The agent SDK client was pointed at api.intercis.io instead of api.anthropic.com. No other changes to the agent codebase.

Real-time enforcement

The rm -rf tool call was blocked before the agent received it — at intercept time, not after execution.

Tamper-resistant audit log

Events are written to an append-only Supabase table by the proxy. The agent process has no write access.

Selective policy enforcement

The bash tool was not blanket-blocked. Only commands matching the shell-rm policy were denied. Safe calls passed through unchanged.

Reproduce it yourself

# Set your env vars
export PROXY_URL=https://api.intercis.io
export ANTHROPIC_API_KEY=<your-key>
export INTERCIS_PROXY_KEY=<provided-at-onboarding>
# Run the validation suite
python3 demo/smoke_test.py
# Expected: Results: 13 passed, 0 failed

Test scripts at demo/smoke_test.py, demo/agent_test.py, demo/bench_latency.py. INTERCIS_PROXY_KEY provided during design partner onboarding.

Ready to run this on your agents?

Design partner slots are available. One endpoint change, full governance layer, live in under 10 minutes.

Become a design partner

Or email: sales@intercis.io

Want the 2-minute sales version? Watch the demo →
© 2026 Intercis · intercis.io · No agent acts without authority.