18 repositorios
Frameworks and auditing tools designed to secure agent configurations and prevent vulnerabilities in automated systems.
Distinguishing note: Focuses on security auditing specifically for agentic architectures rather than general application security.
Explore 18 awesome GitHub repositories matching security & cryptography · Agent Security. Refine with filters or upvote what's useful.
ECC es un framework de orquestación de agentes LLM y una suite de herramientas de IA multiplataforma diseñada para coordinar flujos de trabajo de múltiples modelos. Proporciona un sistema para gestionar roles de agentes especializados, habilidades reutilizables y planificación estructurada para ejecutar tareas complejas de desarrollo de software a través de diferentes editores de código impulsados por IA. El proyecto se distingue como un gestor de Protocolo de Contexto de Modelo, proporcionando una capa de configuración para integrar servidores externos y auditar la ejecución de herramientas. Además, implementa un sandbox de seguridad agentic que restringe el acceso a archivos confidenciales y escanea en busca de fugas de secretos para asegurar flujos de trabajo autónomos. El framework cubre amplias áreas de capacidad, incluyendo la automatización del flujo de trabajo de codificación de IA con barandillas de desarrollo impulsado por pruebas, optimización de costos de modelos a través de enrutamiento inteligente y gestión de memoria con estado aislado. También incluye herramientas para hacer cumplir los estándares de codificación específicos del lenguaje y gestionar los comportamientos de los agentes a través de varios entornos de desarrollo integrados. El sistema se gestiona a través de una interfaz de línea de comandos que maneja la instalación de herramientas, la reparación de configuración y la implementación de preajustes de herramientas.
Provides a security layer that scans for secret leakage and restricts file access in autonomous workflows.
Everything Claude Code es un framework agentic diseñado para orquestar flujos de trabajo complejos de desarrollo de software a través de la delegación de subagentes especializados. Funciona como un plano de control que gestiona el comportamiento del agente, el acceso a herramientas y la eficiencia de la ventana de contexto, permitiendo a los desarrolladores dividir tareas grandes en subprocesos enfocados y con alcance que evitan la sobrecarga del sistema. El framework se distingue por una capa robusta de seguridad y automatización que incluye análisis estático automatizado y red-teaming adversarial para auditar las configuraciones de los agentes. Permite la creación de patrones de comportamiento reutilizables y secuencias de automatización, que pueden compartirse entre entornos como habilidades modulares. Al sincronizar configuraciones específicas del proyecto e instrucciones de chat, asegura que los estándares de codificación y las restricciones de seguridad sigan siendo consistentes tanto en la línea de comandos como en los entornos de desarrollo integrados. Más allá de sus capacidades principales de orquestación, el proyecto proporciona herramientas integrales para gestionar los costos operativos durante sesiones de larga duración. Incluye mecanismos para la optimización dinámica de tokens, gestión del estado de la sesión y hooks basados en eventos que activan scripts de validación o cumplimiento de calidad. El sistema también admite la extracción de patrones recurrentes del historial de control de versiones para generar colecciones de habilidades especializadas, agilizando aún más las tareas de desarrollo repetitivas.
A set of automated tools and validation hooks designed to audit agent configurations and prevent vulnerabilities during development.
Awesome Copilot is a comprehensive framework for autonomous software development, providing the infrastructure to orchestrate multi-agent teams and automate complex coding workflows. It functions as a centralized platform for managing AI-driven development, enabling developers to deploy specialized agents that interact with local files, terminal commands, and external APIs to execute end-to-end software delivery tasks. The project distinguishes itself through its focus on governance and extensibility, offering a suite of security controls, policy-based execution guardrails, and audit trails t
Checks agent-based systems against industry security standards to identify vulnerabilities and ensure compliance.
This framework provides a development toolkit for building autonomous agents that utilize language models to solve complex, non-deterministic tasks. Its core design centers on a code-executing architecture where agents generate and run Python code snippets to perform logic, data manipulation, and tool interactions. By moving beyond structured data formats, the system enables agents to manage program flow and object state through iterative reasoning cycles. The project distinguishes itself through its focus on code-based agent implementation and secure execution environments. Developers can ch
Implements security measures and sandboxing to protect against risks associated with agent-generated code.
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Enforces token-based authentication for secure data exchange between monitoring agents and the central dashboard.
This project is a comprehensive framework for developing, orchestrating, and deploying autonomous agents. It provides a structured environment for building agents that utilize reasoning loops to perform multi-step tasks, manage state through graph-based workflows, and interact with external tools. By mapping unstructured model outputs into typed schemas, the framework ensures reliable integration with downstream application logic. The platform distinguishes itself through a focus on production-grade reliability and security. It incorporates hybrid memory systems that combine vector embeddings
Implements safety protocols, input validation, and human-in-the-loop workflows to secure agent operations.
The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
Manages authentication and access control for agents by integrating with existing identity providers.
CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl
Allows administrators to verify the connectivity and operational health of security agents.
This project is a JSON Web Token implementation library and toolkit for encoding, signing, and validating tokens. It provides the necessary functions to manage token claims and payloads for user authentication and authorization. The library supports both symmetric and asymmetric cryptography, allowing for the use of shared secrets or public-private key pairs. It enables the creation of signed tokens and the verification of their authenticity and integrity to prevent data tampering. The toolkit covers a broad range of identity and access control capabilities, including the embedding of custom
Decodes tokens and validates signatures to ensure payload integrity and authenticity.
mcp-agent is a framework for building AI agents that integrate with Model Context Protocol servers to execute tools and access data. It functions as a multi-agent orchestrator and protocol-compliant server, enabling the creation of agents that can discover and invoke tools from connected external servers. The project distinguishes itself through a durable workflow engine that supports long-running tasks capable of pausing, resuming, and surviving restarts. It implements complex orchestration patterns, including iterative evaluator-optimizer loops, hierarchical workflow nesting, and specialist
Handles the acquisition and storage of secure tokens to authenticate communication between agents and protocol servers.
PraisonAI is an autonomous AI agent platform that coordinates multiple LLM-powered agents for research, planning, and execution of complex workflows. It functions as a multi-agent orchestration framework, a workflow builder, and a Model Context Protocol server, while also providing retrieval-augmented generation through vector knowledge bases. Agents can interact via CLI, web, or standardized protocols with sandboxed code execution. The platform distinguishes itself with a rich set of agent communication protocols, including A2A, REST, WebSocket, voice and telephony integration, and MCP, allo
Activates injection defense and audit logging across all agents with a single call.
Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules. What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each
Establishes encrypted communications between the control server and agents using a two-stage key exchange.
El agent-governance-toolkit es un framework para aplicar políticas de seguridad, gestionar identidades de confianza cero (zero-trust) y aislar (sandbox) la ejecución de agentes de IA autónomos. Proporciona una capa de gobernanza diseñada para controlar el comportamiento de los agentes mediante el uso de un motor de políticas de seguridad, gestión de identidad criptográfica y un sandbox de ejecución en tiempo de ejecución. El proyecto se distingue por un sistema de anillos de privilegios de múltiples niveles y una malla de identidad criptográfica que asegura la comunicación entre entidades autónomas. Implementa un mecanismo de puntuación de confianza basado en decaimiento para rastrear la confiabilidad de la entidad y utiliza registros de auditoría encadenados por hash y a prueba de manipulaciones para mantener un historial verificable de ejecución. El toolkit cubre una amplia gama de áreas de capacidad, incluyendo seguridad de prompts para defenderse contra ataques de inyección, mapeo automatizado de cumplimiento frente a estándares regulatorios y orquestación de flujos de trabajo autónomos utilizando patrones de saga. También cuenta con monitoreo de flota para rastrear la salud y los límites de gasto, así como aislamiento de ejecución de herramientas para restringir el acceso no autorizado a recursos. Se proporciona una interfaz de línea de comandos para ejecutar señales de control, validar políticas de gobernanza y gestionar la instalación de extensiones.
Identifies and mitigates vulnerabilities in AI agents based on industry standards like the OWASP Agentic Top 10.
This project is an educational curriculum and architectural framework for building autonomous AI agents and multi-agent systems. It provides a structured learning path focused on the development of independent software components capable of planning, executing tasks, and utilizing external tools to achieve high-level goals. The framework emphasizes multi-agent system orchestration through distributed architectures where specialized agents collaborate using standardized communication protocols. It details specific design patterns such as dual-memory systems for maintaining short-term plans and
Implements token and API key authentication to verify agent identity and authorize requests.
Velociraptor is a digital forensics and incident response platform, endpoint detection and response system, and visibility tool. It provides a query engine and remote forensic collector used to hunt for indicators of compromise and perform triage across a fleet of hosts. The system is distinguished by its specialized query language for interrogating host state and parsing binary files. It features a notebook environment that combines markdown documentation with executable query cells to standardize investigative workflows and enable collaborative reporting. The platform covers a wide range o
Provides utilities to purge stale or inactive endpoint registrations from the server based on age thresholds.
vibe-vibe is an LLM agent engineering framework and toolchain optimizer designed for orchestrating multi-agent systems. It serves as a comprehensive guide and methodology for transforming conceptual ideas into deployed applications through agentic software engineering. The project focuses on the orchestration of specialized AI agent roles with defined collaboration boundaries and iterative feedback loops. It provides frameworks for toolchain optimization, including the selection and evaluation of protocols that extend model capabilities and the design of standardized tool interfaces. The sys
Determines appropriate isolation levels across tool and execution layers to secure autonomous agent systems.
Kimi-code is a command-line interface and orchestration framework designed to integrate autonomous AI agents into software development workflows. It functions as a terminal-based assistant that manages multi-step coding tasks, including planning, file system modifications, shell command execution, and test running, all while maintaining conversational context within a local development environment. The project distinguishes itself through a focus on secure, autonomous agent orchestration and granular control over AI interactions. It enforces strict security by requiring explicit user approval
Verifies agent identity using secure tokens for authorized operations on external platforms.
This project provides a comprehensive framework for building, deploying, and orchestrating autonomous agents within a decentralized network. It serves as a collection of patterns and examples for developing intelligent software entities capable of performing complex tasks, making decisions, and interacting with other agents to achieve shared goals. The framework distinguishes itself through its focus on multi-agent orchestration and decentralized communication. It enables the coordination of specialized agent teams that collaborate on workflows through structured messaging protocols, allowing
Secures agentic architectures by restricting public exposure to a primary orchestrator while keeping workers local.