aicoolies logo

Agentic Security

LLM vulnerability scanner and red teaming kit

Share
open-sourceOpen Source
Visit Website →

Agentic Security is an open-source vulnerability scanner for LLM agent workflows that tests AI systems against jailbreaks, fuzzing, and multimodal attacks. It probes weaknesses across text, image, and audio inputs through multi-step jailbreak simulations, randomized stress testing, and reinforcement learning-powered adaptive attacks. The toolkit connects directly to LLM APIs for high-volume real-world attack scenarios, helping developers identify and patch safety gaps before deployment.

Agentic Security provides a comprehensive red-teaming toolkit specifically designed for LLM-powered agent workflows. As AI agents gain access to tools, APIs, and sensitive data, the attack surface expands well beyond simple prompt injection. This scanner tests the full range of vulnerabilities including multi-step jailbreak chains, multimodal attacks across text, image, and audio inputs, and randomized fuzzing that uncovers unexpected edge-case behaviors in production models.

The toolkit connects directly to any LLM API endpoint and runs high-volume attack scenarios drawn from a growing dataset of adversarial prompts. Its reinforcement learning module crafts adaptive probes that evolve based on the model's responses, simulating sophisticated attackers who adjust their strategy in real time. Each scan generates detailed reports identifying which attack vectors succeeded, the severity of each vulnerability, and recommended mitigations.

For security teams and ML engineers shipping agent-based products, Agentic Security fills a critical gap in the testing pipeline. Traditional software security tools cannot evaluate the probabilistic and context-dependent nature of LLM outputs. By integrating this scanner into CI/CD workflows or running it as a standalone audit, teams can systematically validate that safety guardrails hold up against the latest attack techniques before exposing their agents to real users.

Pricing

Free and open source

Platforms

Python library, pip installable

Categories

AI Security & DevSecOpsTesting & QA

Tags

Open SourceAI Security ScanningLLM SecurityJailbreak TestingRed Teaming

Use Cases

Security AuditingTesting & QA Automation

Alternatives

NeMo Guardrails

Programmable safety rails for LLM applications

NeMo Guardrails is NVIDIA's open-source toolkit for adding programmable safety rails to LLM applications. It supports five guardrail types — input, dialog, retrieval, execution, and output rails — covering content safety, jailbreak detection, topic control, PII masking, hallucination detection, and fact-checking. The toolkit uses Colang, a domain-specific language for defining conversational constraints, and integrates with OpenAI, Azure, Anthropic, HuggingFace, and LangChain/LangGraph.

free
Semgrep logo

Semgrep

Fast open-source SAST with custom rules

Semgrep is an open-source static analysis tool with 11K+ GitHub stars that scans code for bugs, vulnerabilities, and anti-patterns using lightweight, customizable rules written in YAML. Runs 10-20x faster than traditional SAST tools with support for 30+ languages. The AppSec platform adds SCA for dependency scanning, secrets detection, and AI-powered triage. Features a community-driven rule registry with 3,000+ rules. Integrates with GitHub, GitLab, CI/CD, and IDE extensions.

open-sourceOpen Source

Related Tools

Requestly logo

Requestly

One tool for intercepting, mocking, and replaying HTTP — acquired by BrowserStack

Requestly is an open-source HTTP interceptor, API client, and session replay tool that lets developers modify, mock, and debug network traffic without leaving the browser. Acquired by BrowserStack and trusted by 200,000+ developers, it bundles a Chrome extension, a full API client, mock servers, and shareable session captures into one free-plus-commercial product.

freemium
Magika logo

Magika

AI-powered file-type detection at Google scale

Open-source AI-powered file-type detection tool from Google that uses a custom deep-learning model under a few megabytes to identify more than 200 binary and textual content types in milliseconds, even on a single CPU. Magika ships as a CLI, Python package, JavaScript/TypeScript library, and an ONNX model, achieves around 99% accuracy on its test set, and is already used at Google scale across Gmail, Drive, and Safe Browsing as well as by VirusTotal and abuse.ch.

freeOpen Source
Trent AI logo

Trent AI

Agentic AI security posture management

Trent AI is a specialized security platform for agentic AI applications providing AI Security Posture Management that compounds with every development cycle. Scans, judges, mitigates, and evaluates AI agent security detecting threats traditional tools miss including prompt injection attacks, tool misuse, unintended autonomous actions, data exfiltration through agent chains, and privilege escalation. Offers continuous assessment with remediation plan execution through Claude Code.

paid
fig-security logo

Fig Security

Security operations resilience for SOC teams

Fig provides a Security Operations Resilience platform designed for modern SOC teams facing both unplanned and planned changes. Features drift detection to catch unplanned infrastructure changes, automated drift repair with testing, planned change modeling to simulate initiatives before deployment, version control, and automatic deployment with rollbacks. Helps teams maintain security coverage while shipping risk-free at 10x speed and focusing on strategic cyber work.

paid
Anchor Browser logo

Anchor Browser

Cloud browser infrastructure for AI agents

Anchor Browser provides secure cloud-managed browser infrastructure for computer-use agents. Deploy humanized Chromium instances that access any website while maintaining bot-detection evasion and authentication support. Features OmniConnect for authentication lifecycle management, Web Action Cache for deterministic workflows, and built-in VPN infrastructure. Includes free tier and paid plans supporting millions of concurrent browser sessions for scalable agent automation.

freemium
Keycard logo

Keycard

Control plane for autonomous AI agents

Keycard is the control plane for autonomous agents, providing identity verification, policy enforcement, and scoped access management. Resolves agent identity, enforces security policies, and issues time-limited resource-specific access tokens. Provides full visibility into every agent action with drift detection, automatic remediation, and integrations with Datadog, Linear, GitHub, and other services for agent-driven incident response and security operations.

paid