AI-Infra-Guard is Tencent's open-source security platform that performs comprehensive red teaming and vulnerability assessment of AI infrastructure through five specialized scanning modules. ClawScan detects insecure configurations and known CVEs in AI deployment stacks, Agent Scan evaluates security risks in multi-agent workflows, MCP and Skills Scan identifies vulnerabilities across 14 major security risk categories in model serving configurations, the Infrastructure Vulnerability Scanner covers 55+ AI framework components with mappings to over 1,000 CVEs, and Jailbreak Evaluation tests prompt robustness against adversarial inputs.
The platform takes a holistic approach to AI security that goes beyond traditional application security tools. Rather than treating AI systems as standard web applications, AI-Infra-Guard understands the unique attack surfaces of machine learning infrastructure including model poisoning vectors, inference endpoint exposures, supply chain vulnerabilities in model dependencies, and weaknesses in agent orchestration layers. Each scanning module produces actionable findings with severity ratings and remediation guidance specific to AI deployment patterns.
Developed in collaboration with researchers from Peking University and Fudan University, AI-Infra-Guard can be deployed via Docker for one-click installation and assessment. The project has attracted 3,400 GitHub stars and maintains an actively updated vulnerability database with the latest release being v4.1.3. The Apache 2.0 licensed tool integrates with OpenClaw through its aig-scanner skill, enabling automated security assessments as part of continuous integration pipelines for teams deploying AI systems at scale.
