{"auth_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/vulnerable_auth.log", "auth_server_event_count": 9, "authorization_server_url": "http://127.0.0.1:46519", "canary_event_count": 2, "canary_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/vulnerable_canary.log", "canary_metadata_url": "http://127.0.0.1:45903/.well-known/oauth-authorization-server", "remote_request_count": 2, "remote_url": "http://127.0.0.1:58671/mcp", "resource_metadata_url": "http://127.0.0.1:46519/resource-metadata", "role": "vulnerable", "toolhive_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/vulnerable_thv.log", "ts": "2026-07-16T08:49:33Z", "variant_oracle": "canary hit is caused by DCR resolver re-fetching AS metadata and following a cross-port redirect"}
{"auth_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/fixed_auth.log", "auth_server_event_count": 9, "authorization_server_url": "http://127.0.0.1:51989", "canary_event_count": 2, "canary_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/fixed_canary.log", "canary_metadata_url": "http://127.0.0.1:51889/.well-known/oauth-authorization-server", "remote_request_count": 2, "remote_url": "http://127.0.0.1:43093/mcp", "resource_metadata_url": "http://127.0.0.1:51989/resource-metadata", "role": "fixed", "toolhive_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/fixed_thv.log", "ts": "2026-07-16T08:49:39Z", "variant_oracle": "canary hit is caused by DCR resolver re-fetching AS metadata and following a cross-port redirect"}
{"auth_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/latest_auth.log", "auth_server_event_count": 9, "authorization_server_url": "http://127.0.0.1:50271", "canary_event_count": 2, "canary_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/latest_canary.log", "canary_metadata_url": "http://127.0.0.1:51659/.well-known/oauth-authorization-server", "remote_request_count": 2, "remote_url": "http://127.0.0.1:46229/mcp", "resource_metadata_url": "http://127.0.0.1:50271/resource-metadata", "role": "latest", "toolhive_log": "/data/pruva/runs/35288167-4f28-4e14-8f1c-709345bff069/bundle/logs/vuln_variant/latest_thv.log", "ts": "2026-07-16T08:49:46Z", "variant_oracle": "canary hit is caused by DCR resolver re-fetching AS metadata and following a cross-port redirect"}
