aicoolies logo
Superagent logo
Superagent logo

Superagent

AI agent safety SDK with guard, redact, and scan modules

open-sourceopen sourceupdated May 23, 2026
Visit Website →
Share

Superagent is an open-source AI agent safety SDK that provides runtime protection through four modules: Guard for detecting prompt injections and unsafe tool calls, Redact for removing PII and secrets, Scan for analyzing repos against AI-targeted attacks, and Test for red-team evaluations. It works with any LLM provider and includes open-weight guard models from 0.6B to 4B parameters with 50-100ms latency for real-time protection.

Superagent is an open-source safety SDK designed to protect AI agents from prompt injection attacks, data leakage, and malicious tool calls in production environments. Originally launched as Safety Agent before rebranding in early 2026, the project provides four core modules that work together as a defense-in-depth layer: Guard intercepts and blocks prompt injections and unsafe tool invocations, Redact automatically strips PII, PHI, and secrets from agent inputs and outputs, Scan analyzes GitHub repositories for AI-targeted supply chain attacks, and Test enables automated red-team evaluations of agent robustness.

The SDK ships with open-weight guard models available on HuggingFace in three sizes from 0.6B to 4B parameters, enabling teams to choose between speed and accuracy based on their latency requirements. At the smallest model size, Guard processes requests in 50-100 milliseconds, making it viable for real-time protection without noticeable user impact. The framework integrates with any LLM provider including OpenAI, Anthropic, Google, Groq, and AWS Bedrock, requiring minimal code changes to add safety layers to existing agent architectures.

Backed by Y Combinator, Superagent has attracted 6,500 GitHub stars and provides TypeScript and Python SDKs alongside a CLI tool and MCP server integration. The MIT-licensed project addresses a growing need in the AI ecosystem as more teams deploy autonomous agents that interact with external tools, APIs, and user data. Its modular design means teams can adopt individual components like Guard or Redact independently before committing to the full safety stack.

Pricing

Free and open source under MIT license

Platforms

TypeScript SDK, Python SDK, CLI, MCP server

Categories

Tags

Use Cases

Alternatives

Related Tools

MEDUSA

AI-first security scanner for LLM, agent, MCP, and RAG codebases

MEDUSA is an AGPL-3.0 AI-first security scanner from Pantheon Security that checks AI and machine-learning applications, LLM agents, MCP workflows, RAG pipelines, repository-poisoning risks, secrets, and agent-specific compromise patterns.

open-sourceOpen Source
iFixAi logo

iFixAi

Open-source diagnostic for AI operational misalignment

iFixAi is an Apache-2.0 diagnostic tool for scoring AI agents and models against operational-misalignment risks such as hallucination, manipulation, sabotage, sandbagging, and oversight evasion.

open-sourceOpen Source

Inspect AI

UK AI Security Institute framework for LLM safety evaluations

Inspect AI is an MIT-licensed framework from the UK AI Security Institute for running large language model evaluations, including tool use, multi-turn dialogue, model-graded scoring, and reusable evaluation tasks.

open-sourceOpen Source

Presidio

Open-source PII detection and anonymization for AI data flows

Presidio is an MIT-licensed privacy framework for identifying and anonymizing personally identifiable information in text, images, and structured data. It can act as a de-identification layer around LLM prompts, logs, RAG corpora, and customer-data workflows.

open-sourceOpen Source
Agent Governance Toolkit logo

Agent Governance Toolkit

Microsoft’s public-preview runtime governance toolkit for policy, identity, sandboxing, audit, and MCP security around AI agents.

Agent Governance Toolkit is Microsoft’s MIT-licensed public-preview toolkit for governing AI agent runtimes. It adds policy enforcement, zero-trust identity, execution sandboxing, audit, reliability, and MCP security-gateway patterns around tool calls and autonomous actions, helping platform teams move beyond prompt-only guardrails while preserving architecture review requirements.

open-sourceOpen SourceTelemetry
Baz logo

Baz

Telemetry-aware AI code reviewer that checks how pull requests may affect real services.

Baz is an AI code-review platform focused on production-aware pull requests. Instead of only reading the diff, Baz connects code changes to application telemetry so reviewers can understand what endpoints, services, and runtime behavior may be affected. That makes it a useful complement to existing AI PR bots when the question is not just whether a change looks correct, but whether it could break a live system.

freemiumTelemetry