Home/AI Agents/awesome-ai-agents-security
awesome-ai-agents-security logo

awesome-ai-agents-security

Enrichment pending
ProjectRecon/awesome-ai-agents-security

A living map of the AI agent security ecosystem.

GraphCanon updated today · GitHub synced today

54 stars62 forksLast push 1mo Other

Verify the decision

Maintenance and security

Full trust report
Maintenance
Steady (32d since push)
As of today
Provenance
Not a fork · Organization account
As of today
Security (OSV)
No lockfile
As of today

Public GitHub metadata and optional OSV scans. Signals, not a guarantee. Trust methodology.

Install

git clone https://github.com/ProjectRecon/awesome-ai-agents-security

Similar tools

Same-category neighbours. No typed graph edges are catalogued for this tool yet.

Evidence and technical details

Sourced facts, taxonomy, compatibility claims, README excerpt, and machine-readable endpoints.

Overview

A living map of the AI agent security ecosystem.

Capability facts

No sourced capability facts yet. Facts appear after ingest scans repo manifests (Dockerfile, package.json, MCP configs).

Categories

Compatibility

Sourced claims from the README excerpt - not unsourced marketing copy.

LangGraph integrationLangGraph

Source: README excerpt (regex_v1, Jul 15, 2026)

x-ai/agentic-radar)** - A static analysis tool that visualizes agent workflows (LangGraph, CrewAI, AutoGen). It detects risky tool usage, permission loops, and maps them
Source link

Tags

README

Awesome AI Agents Security

A curated list of open-source tools, frameworks, and resources for securing autonomous AI agents.

This list is organized by the security lifecycle of an autonomous agent, covering red teaming, runtime protection, sandboxing, and governance.

📖 Table of Contents

  • Agent Firewalls & Gateways (Runtime Protection)
  • Red Teaming & Vulnerability Scanners
  • Static Analysis & Linters
  • Sandboxing & Isolation Environments
  • Guardrails & Compliance
  • Benchmarks & Datasets
  • Identity & Authentication
  • Contributing

🛡️ Agent Firewalls & Gateways (Runtime Protection)

Tools that sit between the agent and the world to filter traffic, prevent unauthorized tool access, and block prompt injections.

  • AgentGateway - A Linux Foundation project providing an AI-native proxy for secure connectivity (A2A & MCP protocols). It adds RBAC, observability, and policy enforcement to agent-tool interactions.
  • Envoy AI Gateway - An Envoy-based gateway that manages request traffic to GenAI services, providing a control point for rate limiting and policy enforcement.
  • Immunity Agent - Security-focused AI agent runtime for scanning prompt injection, MCP risks, unsafe package installs, and dangerous agent actions before execution.

⚔️ Red Teaming & Vulnerability Scanners

Offensive tools to test agents for security flaws, loop conditions, and unauthorized actions.

  • Strix - An autonomous AI agent designed for penetration testing. It runs inside a docker sandbox to actively probe applications and generate verified exploit capabilities.
  • PyRIT - Microsoft's open-source red teaming framework for generative AI. It automates multi-turn adversarial attacks to test if an agent can be coerced into harmful behavior.
  • Agentic Security - A dedicated vulnerability scanner for agent workflows and LLMs capable of running multi-step jailbreaks and fuzzing attacks against agent logic.
  • Garak - The "Nmap for LLMs." A vulnerability scanner that probes models for hallucination, data leakage, and prompt injection susceptibilities.
  • A2A Scanner - A scanner by Cisco designed to inspect "Agent-to-Agent" communication protocols for threats, validating agent identities and ensuring compliance with communication specs.
  • Cybersecurity AI (CAI) - A framework for building specialized security agents for offensive and defensive operations, often used in CTF (Capture The Flag) scenarios.

🔍 Static Analysis & Linters

Tools to analyze agent configuration and logic code before deployment.

  • Aguara - A static security scanner for AI agent skills and MCP server configurations. Detects prompt injection, credential leaks, data exfiltration, and supply-chain attacks with 173 built-in rules, 4 analysis layers, and remediation guidance.
  • Agentic Radar - A static analysis tool that visualizes agent workflows (LangGraph, CrewAI, AutoGen). It detects risky tool usage, permission loops, and maps them to known vulnerabilities.
  • Agent Bound - A design-time analysis tool that calculates "Agentic Entropy"—a metric to quantify the unpredictability and risk of infinite loops or unconstrained actions in agent architectures.
  • **[Checkov](https

For agents

This page has a .md twin and JSON over the API.

Was this helpful?

Anonymous feedback helps us improve pages and translations.