msoedov

msoedov/agentic_security

Python Apache-2.0 Security

Agentic LLM Vulnerability Scanner / AI red teaming kit 🧪

1.9k stars
266 forks
recent
GitHub

1.9k

Stars

266

Forks

70

Open issues

26

Contributors

0.7.5 03 Jun 2026

AI Analysis

Agentic Security is a specialized vulnerability scanner for LLM-based agent systems and large language models, designed to identify jailbreaks, fuzzing vulnerabilities, and multimodal attacks. It serves security researchers, AI practitioners, and development teams building and deploying AI agents who need to proactively test and harden their systems against adversarial inputs and multi-step attack sequences.

Security Security Tool Discovery value: 6/10
Documentation 7/10
Activity 9/10
Community 7/10
Code quality 5/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 7/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

llm-security red-teaming vulnerability-scanning agent-security fuzzing
Actively maintained Niche/specialized use case Apache-2.0 licensed Production ready
Deep Analysis · Based on README and public signals
1w ago

Open-source red-teaming toolkit for LLM and agent security testing with multimodal attack support

Agentic Security is a Python-based vulnerability scanner designed to stress-test LLMs and AI agent workflows against jailbreaks, fuzzing, and multimodal attacks. Built for security researchers, ML engineers, and responsible AI teams, it offers a web UI, CLI, and CI/CD integration. The project targets a specialized but growing segment: organizations that need proactive LLM security validation before deployment.

Origin

Created in April 2024, the project emerged during a period of heightened concern about LLM safety and jailbreak attacks. It represents the broader shift toward treating LLM security as an operational requirement rather than an afterthought.

Growth

The project gained 1,913 stars over ~26 months, with most growth in the first 12 months (typical for security-focused tooling). Recent activity (last push June 2026) shows sustained maintenance rather than accelerating adoption. Growth appears driven by enterprise security initiatives and academic research into LLM robustness, not viral adoption.

In production

adoption not verified — no case studies, public deployments, or end-user testimonials mentioned in README. Enterprise or research adoption is plausible given the problem domain, but concrete evidence is absent.

Code analysis
Architecture

Based on README, appears to be a Uvicorn-based HTTP API server with a web UI, CLI commands for initialization and CI integration, and pluggable dataset/module system. Likely uses LLM API templates (HTTP spec format) to send attack prompts. Supports reinforcement learning and multi-step attack orchestration, though implementation details are not visible from README.

Tests

not documented in README

Maintenance

Last push 2026-06-23 (10 days before evaluation date) indicates active maintenance. README shows recent additions (CI/CD config examples, TOML config format) dated January 2025. Project is being actively maintained, not stagnant, though star velocity remains low (1 star/week suggests modest but stable interest).

Honest verdict

ADOPT IF: your organization runs LLMs in production and needs a lightweight, open-source red-teaming toolkit with multi-modal attack simulation; you have in-house security/ML expertise to configure HTTP specs and interpret results. AVOID IF: you require commercial SLA, extensive documentation for non-technical stakeholders, or pre-built integrations with proprietary LLM platforms beyond OpenAI templates. MONITOR IF: you are evaluating LLM security solutions and want to track this project as a potential cost-effective complement to commercial alternatives; the active maintenance and expanding feature set (RL attacks, CI/CD) suggest it will mature further.

Independent dimensions

Mainstream potential

4/10

Technical importance

6/10

Adoption evidence

2/10

Risks
  • Adoption not verified in real-world production environments; unclear if organizations are relying on it for actual security decisions.
  • Test coverage not documented; no visibility into how robustly the attack vectors themselves are validated.
  • HTTP spec configuration approach requires manual labor per LLM integration; may not scale to large multi-model deployments without tooling expansion.
  • Depends on Hugging Face Datasets and external LLM APIs; reliability tied to third-party services.
  • Security scanner accuracy and false-positive rates not discussed in README; unclear how well attack detection correlates with actual vulnerabilities.
Prediction

Likely to remain a niche but stable tool used by security-conscious ML teams and academic researchers. May see adoption growth if enterprises adopt LLM red-teaming as standard practice, but unlikely to become a mainstream, required dependency.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

Python
99.4%
Dockerfile
0.3%
CSS
0.2%
Shell
0.1%

Information

Language
Python
License
Apache-2.0
Last updated
2w ago
Created
27mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Similar repos

MLSysOps

MLSysOps/MLE-agent

MLE-Agent is an LLM-powered AI engineering assistant that automates machine...

1.6k Python AI & ML
JoasASantos

JoasASantos/NeuroSploit

NeuroSploit is an autonomous, multi-model penetration testing framework that...

1.2k Rust Security
modelscope

modelscope/ms-agent

MS-Agent is a lightweight Python framework for building autonomous agents...

4.3k Python AI & ML
huhusmang

huhusmang/Awesome-LLMs-for-Vulnerability-Detection

This is a curated, continuously-updated index of research papers, datasets,...

1.1k Python Security
vs. alternatives
MLSysOps/MLE-agent

Similar star count (1,564) but broader scope (agent evaluation). Agentic Security is narrower and security-focused.

modelscope/ms-agent

Larger (4,327 stars) but aims at agent building, not red-teaming. Different purpose within the agent ecosystem.

JoasASantos/NeuroSploit

Rust-based, 1,199 stars. Agentic Security is Python-centric; trade-offs around language ecosystem and performance.

Hugging Face Datasets (jailbreak/adversarial datasets)

Agentic Security consumes these datasets. Not a direct competitor but a dependency.