
Protect AI

AI/ML supply chain security and model risk management

Freemium, Open source

Protect AI is a YC-backed AI security company focused on protecting the ML supply chain. Its platform includes ModelScan for detecting malicious code in serialized model files, Guardian for enforcing security policies on model repositories, and NB Defense for scanning Jupyter notebooks. It advocates SLSA-style supply chain standards for ML, helping organizations secure the full pipeline from training data to production model deployment.

Protect AI focuses on securing the machine learning supply chain: the pipeline of data, code, models, and dependencies that flows from training environments to production inference. The company's premise is that ML models are executable artifacts that can carry hidden payloads. Pickle-based formats in particular (including PyTorch checkpoints saved with the default serializer) are deserialized by executing an embedded instruction stream, so loading an untrusted model file is equivalent to running untrusted code. The common practice of downloading pre-trained models from public repositories such as Hugging Face therefore introduces supply chain risks of the same kind as pulling unvetted packages in traditional software. Its open-source ModelScan tool detects unsafe code patterns in model files across formats including pickle, H5, SavedModel, and ONNX.

Beyond scanning, Protect AI's Guardian product provides policy-based governance for model repositories, enforcing security rules before models can be promoted to production. NB Defense scans Jupyter notebooks for security issues including credential leaks, PII exposure, and unsafe package installations. The platform integrates with ML pipelines built on MLflow, Kubeflow, and SageMaker, providing security gates at each stage of the model lifecycle from experimentation through deployment.
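To make the two preceding paragraphs concrete, here is an added example (written for this page, not ModelScan's or Guardian's code) of the core idea behind static model-file scanning and a promotion gate: walk a pickle's opcode stream with pickletools.genops to see what the unpickler would import, without ever unpickling, and refuse the artifact if it imports a dangerous global or its digest does not match a pinned value. The denylist, the function names (find_globals, scan, admission_gate, sha256_hex) and the sample pickles are all constructed for the illustration; ModelScan ships its own, more complete rules.

```python
"""Illustrative pickle scanner and promotion gate (added example, not Protect AI code)."""
import hashlib
import os
import pickle
import pickletools

# Assumed denylist for this example. Any import from these modules inside a
# pickle is treated as code execution; ModelScan's real rule set is larger.
UNSAFE_MODULES = {"os", "posix", "nt", "subprocess", "sys", "socket",
                  "shutil", "importlib", "builtins"}
UNSAFE_GLOBALS = {("builtins", "eval"), ("builtins", "exec"),
                  ("builtins", "__import__"), ("builtins", "getattr")}

STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}


def find_globals(data: bytes) -> list[tuple[str, str]]:
    """Return every (module, name) pair the unpickler would import.

    Uses pickletools.genops, which only decodes opcodes; no object is built
    and nothing is executed. GLOBAL/INST carry "module name" inline; STACK_GLOBAL
    (protocol 4+) takes module and name from the two strings below it on the
    stack, which may arrive via a memo fetch, so a small memo is tracked."""
    found: list[tuple[str, str]] = []
    strings: list[str] = []        # the most recent string values pushed
    memo: dict[int, object] = {}   # memo slot -> value if it was a string
    last_pushed: object = None
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            mod, attr = arg.split(" ", 1)
            found.append((mod, attr))
        elif op.name == "STACK_GLOBAL":
            if len(strings) >= 2:
                found.append((strings[-2], strings[-1]))
            else:
                found.append(("<unresolved>", "<unresolved>"))
        if op.name in STRING_OPS:
            strings.append(arg)
            last_pushed = arg
        elif op.name in GET_OPS:
            val = memo.get(arg)
            if isinstance(val, str):
                strings.append(val)
            last_pushed = val
        elif op.name == "MEMOIZE":
            memo[len(memo)] = last_pushed   # MEMOIZE stores the top of stack
        elif op.name in PUT_OPS:
            memo[arg] = last_pushed
        else:
            last_pushed = None
        del strings[:-2]                    # only the top two strings matter
    return found


def scan(data: bytes) -> list[str]:
    """One finding per dangerous import; an empty list means the pickle looks clean."""
    return [f"CRITICAL: unpickling would import {mod}.{attr}"
            for mod, attr in find_globals(data)
            if mod in UNSAFE_MODULES or (mod, attr) in UNSAFE_GLOBALS]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def admission_gate(data: bytes, expected_sha256: str) -> tuple[bool, list[str]]:
    """Promotion gate: the artifact must match its pinned digest AND scan clean.
    The checks are independent, so a tampered file and an unsafe-but-authentic
    file are both refused, with every reason reported."""
    reasons = []
    actual = sha256_hex(data)
    if actual != expected_sha256:
        reasons.append(f"digest mismatch: expected {expected_sha256}, got {actual}")
    reasons.extend(scan(data))
    return (not reasons, reasons)


class _Payload:
    """Constructed malicious object: unpickling it calls os.system("echo pwned").
    Never pass the resulting bytes to pickle.load or torch.load."""
    def __reduce__(self):
        return (os.system, ("echo pwned",))


# Constructed samples; no real model weights involved.
MALICIOUS_P4 = pickle.dumps(_Payload(), protocol=4)   # exercises the STACK_GLOBAL path
MALICIOUS_P2 = pickle.dumps(_Payload(), protocol=2)   # exercises the GLOBAL path
BENIGN = pickle.dumps({"weights": [0.1, -0.2, 0.3], "bias": 0.5}, protocol=4)

if __name__ == "__main__":
    for label, blob in (("malicious p4", MALICIOUS_P4), ("malicious p2", MALICIOUS_P2), ("benign", BENIGN)):
        print(label, admission_gate(blob, sha256_hex(blob)))
```

On Linux the payload pickles as posix.system rather than os.system (pickle records the function's real module), which is why the denylist carries posix and nt alongside os. A scanner that matched only the literal string "os" would miss it; this is the kind of aliasing a denylist-based tool has to account for, and one reason digest pinning and provenance belong in the gate alongside the scan.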

Protect AI advocates applying software supply chain security principles such as SLSA (Supply-chain Levels for Software Artifacts) to machine learning workflows: attested provenance for every artifact a pipeline consumes, rather than trust by download. The company contributes to open-source ML security tools and publishes research on emerging AI threat vectors. For organizations building ML pipelines that ingest external models, datasets, or packages, Protect AI provides the controls needed to verify integrity and provenance before untrusted artifacts enter production environments.

Pricing

Open-source tools + enterprise SaaS platform

Platforms

CLI tools + cloud platform — any ML pipeline

Related Tools


Agent Governance Toolkit

Microsoft’s public-preview runtime governance toolkit for policy, identity, sandboxing, audit, and MCP security around AI agents.

Agent Governance Toolkit is Microsoft’s MIT-licensed public-preview toolkit for governing AI agent runtimes. It adds policy enforcement, zero-trust identity, execution sandboxing, audit, reliability, and MCP security-gateway patterns around tool calls and autonomous actions, helping platform teams move beyond prompt-only guardrails while preserving architecture review requirements.

Open source, Telemetry

Baz

Telemetry-aware AI code reviewer that checks how pull requests may affect real services.

Baz is an AI code-review platform focused on production-aware pull requests. Instead of only reading the diff, Baz connects code changes to application telemetry so reviewers can understand what endpoints, services, and runtime behavior may be affected. That makes it a useful complement to existing AI PR bots when the question is not just whether a change looks correct, but whether it could break a live system.

Freemium, Telemetry

Rampart

Microsoft’s pytest-native red teaming framework for turning AI agent safety findings into CI tests.

RAMPART is an open-source Microsoft framework for safety and security testing of agentic AI applications. It brings red-team findings into a pytest-native workflow so teams can turn prompt injection, unsafe tool use, and behavioral boundary failures into repeatable regression tests. The strongest aicoolies angle is developer workflow: RAMPART makes agent safety part of CI/CD instead of a one-off security review.

Open source

Statewright

State-machine guardrails for controlling which tools AI coding agents can use at each phase.

Statewright is a guardrail layer for AI coding agents that uses explicit state machines to control what an agent can do at each stage of a workflow. Instead of relying only on prompt instructions, teams can model phases such as plan, implement, test, and review, then constrain tool access for clients like Claude Code, Codex, Cursor, opencode, and related MCP workflows.

Open source

Magika

AI-powered file-type detection at Google scale

Open-source AI-powered file-type detection tool from Google that uses a custom deep-learning model under a few megabytes to identify more than 200 binary and textual content types in milliseconds, even on a single CPU. Magika ships as a CLI, Python package, JavaScript/TypeScript library, and an ONNX model, achieves around 99% accuracy on its test set, and is already used at Google scale across Gmail, Drive, and Safe Browsing as well as by VirusTotal and abuse.ch.

Free, Open source

Trent AI

Agentic AI security posture management

Trent AI is a security platform specialized for agentic AI applications, providing AI Security Posture Management whose coverage compounds with every development cycle. It scans, judges, mitigates, and evaluates AI agent security, detecting threats traditional tools miss, including prompt injection attacks, tool misuse, unintended autonomous actions, data exfiltration through agent chains, and privilege escalation. It offers continuous assessment with remediation plan execution through Claude Code.

Paid