hackagent  by AISecurityLab

Strengthen AI agent security with automated vulnerability testing

Created 1 year ago
262 stars

Top 97.0% on SourcePulse

GitHubView on GitHub
Project Summary

HackAgent is an open-source Python SDK and CLI designed for security researchers, developers, and AI safety practitioners. It addresses the growing need to evaluate and harden AI agents against novel security threats like prompt injection, jailbreaking, and goal hijacking, which traditional tools cannot detect. By automating vulnerability testing with research-backed attack techniques, HackAgent helps identify and mitigate risks, enhancing the overall security posture of AI systems.

How It Works

HackAgent employs a modular pipeline architecture to test AI agent robustness. The core components include an Attack Engine that orchestrates various adversarial techniques (e.g., AdvPrefix, AutoDAN-Turbo, PAIR), a Generator LLM responsible for creating malicious prompts, and a Judge LLM that assesses whether attacks successfully bypass safety measures. The system tests a Target Agent, leveraging pre-built or custom datasets, and supports multiple AI agent frameworks. This LLM-driven, modular approach allows for flexible and comprehensive security evaluations.

Quick Start & Requirements

  • Install: python3 -m venv .venv && source .venv/bin/activate && pip install hackagent
  • Prerequisites: Python 3.10+. No API key is required for local operation.
  • Links: Docs, App

Highlighted Details

  • Supports a wide array of advanced attack techniques including AdvPrefix, AutoDAN-Turbo, PAIR, TAP, FlipAttack, BoN, h4rm3l, CipherChat, PAP, and Static Template.
  • Features an interactive Text User Interface (TUI) providing real-time attack progress visualization.
  • Offers both local reporting (SQLite database with a built-in dashboard) and optional cloud reporting via the HackAgent platform.

Maintenance & Community

Community discussions are available via email at ais@ai4i.it. Contribution guidelines are detailed in CONTRIBUTING.md, and a CODE_OF_CONDUCT.md is provided.

Licensing & Compatibility

Licensed under the Apache-2.0 license. This license is permissive and generally allows for commercial use and integration into closed-source projects.

Limitations & Caveats

HackAgent is strictly intended for authorized security testing and AI safety research. The project explicitly prohibits testing systems without permission, malicious exploitation, or violating terms of service, with authors disclaiming responsibility for any misuse.

Health Check
Last Commit

4 days ago

Responsiveness

Inactive

Pull Requests (30d)
46
Issues (30d)
10
Star History
170 stars in the last 30 days

Explore Similar Projects

Starred by Chip Huyen Chip Huyen(Author of "AI Engineering", "Designing Machine Learning Systems").

codegate by stacklok

0%
789
AI agent security and management tool
Created 1 year ago
Updated 1 year ago
Feedback? Help us improve.