{
  "entrypoint_detail": "ToolHive CLI remote MCP onboarding workflow (`thv run <URL> --remote-auth`) against malicious remote MCP endpoint; host-side RFC 9728 discovery is pointed at a loopback canary",
  "entrypoint_kind": "authenticate",
  "healthcheck_passed": true,
  "notes": "confirmed: ToolHive v0.30.0 host-side auth discovery fetched attacker-selected loopback canary twice; v0.31.0 did not hit canary in either negative-control attempt",
  "observations": {
    "fixed_canary_hit": false,
    "vulnerable_canary_hit": true
  },
  "proof_artifacts": [
    "logs/reproduction_steps.log",
    "logs/toolhive_vulnerable_attempt1.log",
    "logs/toolhive_vulnerable_attempt2.log",
    "logs/toolhive_fixed_attempt1.log",
    "logs/toolhive_fixed_attempt2.log",
    "logs/malicious_server_vulnerable_attempt1.log",
    "logs/malicious_server_vulnerable_attempt2.log",
    "logs/malicious_server_fixed_attempt1.log",
    "logs/malicious_server_fixed_attempt2.log",
    "logs/canary_vulnerable_attempt1.log",
    "logs/canary_vulnerable_attempt2.log",
    "logs/canary_fixed_attempt1.log",
    "logs/canary_fixed_attempt2.log",
    "artifacts/toolhive-ssrf/attempts.jsonl"
  ],
  "runtime_stack": [
    "toolhive-thv",
    "malicious-mcp-http-server",
    "internal-loopback-canary"
  ],
  "service_started": true,
  "target_path_reached": true
}
