Runtimes
Bounded security-agent runtimes — concept, dashboard, and CLI
Overview
A runtime is a single, isolated, region-pinned execution of the Tachyonic scanner against your target. It carries explicit target and tool policy, a budget envelope, evidence capture, and an audit trail.
You can operate runtimes from the dashboard at platform.tachyonic.co or from the CLI under tachyonic runtime …. Both surfaces drive the same platform API.
Regions
Every runtime is pinned to a region at start. Region selection follows your workspace's data-residency settings:
- EU —
aws-eu-west-1(Ireland) is the live runtime cluster. - US —
aws-us-east-1(Virginia) is the live runtime cluster.
To pin a workspace to a jurisdiction, set the workspace's residency in Settings → Data Residency. Runtimes inherit the workspace setting; pin per-runtime via the manifest or the dashboard's region selector.
Budgets
Each runtime carries a budget that caps spend before it runs:
| Field | Default | What it limits |
|---|---|---|
max_runtime_minutes | 30 | Wall-clock. |
max_model_tokens | 200,000 | Inference tokens routed through the platform's metered endpoint. |
max_spend_usd | 5 | Soft cap reported on the runtime detail page. |
max_http_requests | 500 | Reserved; not yet enforced. |
The platform returns HTTP 402 to the runtime's inference loop once max_model_tokens is reached. The runtime surfaces this as failed_budget_exhausted in the dashboard and the CLI stops issuing inference requests.
Approvals
Tools matching the runtime's policy.approvals.require_before list pause execution and create a pending approval. The operator approves or denies it from the dashboard or with tachyonic runtime approve.
Default policy on a paid plan: destructive_action, credentialed_action, exploit_attempt always require approval. Free-tier may set policy.approvals.require_before: [] to disable approval gating.
Egress controls
Every runtime pod runs alongside an egress-gateway sidecar that proxies all outbound HTTP/HTTPS. A deny-default allowlist permits:
- The platform's callback endpoint
- The platform's metered inference endpoint
- Hosts listed in
policy.network.allowlistfrom your manifest - The host of your scan target
A network policy locks the pod at the cluster layer: only DNS, the platform control-plane namespace, and outbound via the gated sidecar path are permitted. Direct outbound is dropped.
Lifecycle
| Status | Description |
|---|---|
planned | Bundle rendered; no infrastructure yet. |
queued | Admitted to the runner pool, awaiting scheduling. |
running | The scanner is executing attacks against your target. |
waiting_approval | Paused on a gated action; approve to continue. |
completed | Terminal; artifacts and findings ingested. |
failed_budget_exhausted | Hit max_model_tokens or max_runtime_minutes. |
failed | Runner error or operator denial. |
cancelled | Stopped by operator. |
Manifest
Reproducible runs use a runtime manifest. Schema:
objective: Pentest the MCP server for tool-poisoning # required, >=8 chars
target: https://mcp.example.com # optional
region: aws-us-east-1 # aws-us-east-1 | aws-eu-west-1
model: <alias> # optional
policy: passive-only # passive-only | verified-scope | authorized-research
budget:
max_runtime_minutes: 30
max_spend_usd: 5Unknown keys are rejected. objective is the only required field.
From the dashboard
- Sign in at platform.tachyonic.co.
- Go to Runtimes → New Runtime.
- Pick a target (or paste an endpoint), a region (US or EU), and a budget.
- Click Start Runtime to start a live runtime, or Create Plan for a dry-run.
The runtime appears on /runtimes with live status. The runtime detail page shows lifecycle events, callbacks, artifacts, and the approval inbox.
From the CLI
Authenticate the same way as cloud scans:
tachyonic loginAll commands accept --api-url (or TACHYONIC_API_URL env) for non-default platforms.
Plan
Validate the manifest and render the runtime bundle without spending budget.
tachyonic runtime plan runtime.ymlReturns the runtime ID and status: planned.
Start
Two forms, mutually exclusive.
Manifest (reproducible runs with explicit policy and budget):
tachyonic runtime start runtime.ymlShorthand (quick targeted assessment, objective auto-derived from URL host):
tachyonic runtime start --target https://api.example.com --region aws-us-east-1Returns the runtime ID and status: queued.
Status
Point-in-time status.
tachyonic runtime status <runtime_id>Watch
Follow a runtime until it reaches a terminal state. Exits 0 on completed, non-zero on failed/cancelled.
tachyonic runtime watch <runtime_id>
tachyonic runtime watch <runtime_id> --timeout 1800 --interval 5Use in CI to gate on outcome:
RID=$(tachyonic runtime start ci-runtime.yml | grep -oE 'rt_[A-Za-z0-9]+' | head -1)
tachyonic runtime watch "$RID" --timeout 600Events
Structured lifecycle events.
tachyonic runtime events <runtime_id>
tachyonic runtime events <runtime_id> --follow # stream new entries
tachyonic runtime events <runtime_id> --limit 200Logs
The runner's scan log, served as an artifact tail.
tachyonic runtime logs <runtime_id>
tachyonic runtime logs <runtime_id> --follow # wait for the log artifact to appear, then printArtifacts
Result artifacts (report bundles, evidence, traces) with signed URLs.
tachyonic runtime artifacts <runtime_id>Output is a table of type, filename, bytes, and url. Fetch any URL directly with curl.
Approve
Approve or deny a gated action surfaced by runtime status / events when the runtime is waiting_approval.
tachyonic runtime approve <approval_id>
tachyonic runtime approve <approval_id> --deny
tachyonic runtime approve <approval_id> --deny --note "out of agreed scope"When things go wrong
| Symptom | Likely cause | What to do |
|---|---|---|
Runtime stuck in queued | Region capacity exhausted | Wait; the platform auto-redirects after 5 minutes if nothing schedules. |
| Runtime completed with no findings | Detection thresholds too strict for your target's response shape | See Detection tuning. |
failed_budget_exhausted | Hit max_model_tokens | Raise the cap or narrow attack scope. |
| Approval repeatedly denied | Policy too strict | Review policy.approvals in your manifest. |
egress_blocked in findings | Allowlist missing a required host | Add it to policy.network.allowlist. |
Next steps
- Platform Guide — dashboard workflows
- API Reference — call the same surface from your own tooling
- Configuration — manifest fields in depth