awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

18 repositorios

Awesome GitHub RepositoriesAgent Security

Frameworks and auditing tools designed to secure agent configurations and prevent vulnerabilities in automated systems.

Distinguishing note: Focuses on security auditing specifically for agentic architectures rather than general application security.

Explore 18 awesome GitHub repositories matching security & cryptography · Agent Security. Refine with filters or upvote what's useful.

Awesome Agent Security GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • affaan-m/eccAvatar de affaan-m

    affaan-m/ECC

    221,981Ver en GitHub↗

    ECC es un framework de orquestación de agentes LLM y una suite de herramientas de IA multiplataforma diseñada para coordinar flujos de trabajo de múltiples modelos. Proporciona un sistema para gestionar roles de agentes especializados, habilidades reutilizables y planificación estructurada para ejecutar tareas complejas de desarrollo de software a través de diferentes editores de código impulsados por IA. El proyecto se distingue como un gestor de Protocolo de Contexto de Modelo, proporcionando una capa de configuración para integrar servidores externos y auditar la ejecución de herramientas. Además, implementa un sandbox de seguridad agentic que restringe el acceso a archivos confidenciales y escanea en busca de fugas de secretos para asegurar flujos de trabajo autónomos. El framework cubre amplias áreas de capacidad, incluyendo la automatización del flujo de trabajo de codificación de IA con barandillas de desarrollo impulsado por pruebas, optimización de costos de modelos a través de enrutamiento inteligente y gestión de memoria con estado aislado. También incluye herramientas para hacer cumplir los estándares de codificación específicos del lenguaje y gestionar los comportamientos de los agentes a través de varios entornos de desarrollo integrados. El sistema se gestiona a través de una interfaz de línea de comandos que maneja la instalación de herramientas, la reparación de configuración y la implementación de preajustes de herramientas.

    Provides a security layer that scans for secret leakage and restricts file access in autonomous workflows.

    JavaScript
    Ver en GitHub↗221,981
  • affaan-m/everything-claude-codeAvatar de affaan-m

    affaan-m/everything-claude-code

    216,499Ver en GitHub↗

    Everything Claude Code es un framework agentic diseñado para orquestar flujos de trabajo complejos de desarrollo de software a través de la delegación de subagentes especializados. Funciona como un plano de control que gestiona el comportamiento del agente, el acceso a herramientas y la eficiencia de la ventana de contexto, permitiendo a los desarrolladores dividir tareas grandes en subprocesos enfocados y con alcance que evitan la sobrecarga del sistema. El framework se distingue por una capa robusta de seguridad y automatización que incluye análisis estático automatizado y red-teaming adversarial para auditar las configuraciones de los agentes. Permite la creación de patrones de comportamiento reutilizables y secuencias de automatización, que pueden compartirse entre entornos como habilidades modulares. Al sincronizar configuraciones específicas del proyecto e instrucciones de chat, asegura que los estándares de codificación y las restricciones de seguridad sigan siendo consistentes tanto en la línea de comandos como en los entornos de desarrollo integrados. Más allá de sus capacidades principales de orquestación, el proyecto proporciona herramientas integrales para gestionar los costos operativos durante sesiones de larga duración. Incluye mecanismos para la optimización dinámica de tokens, gestión del estado de la sesión y hooks basados en eventos que activan scripts de validación o cumplimiento de calidad. El sistema también admite la extracción de patrones recurrentes del historial de control de versiones para generar colecciones de habilidades especializadas, agilizando aún más las tareas de desarrollo repetitivas.

    A set of automated tools and validation hooks designed to audit agent configurations and prevent vulnerabilities during development.

    JavaScriptai-agentsanthropicclaude
    Ver en GitHub↗216,499
  • github/awesome-copilotAvatar de github

    github/awesome-copilot

    35,119Ver en GitHub↗

    Awesome Copilot is a comprehensive framework for autonomous software development, providing the infrastructure to orchestrate multi-agent teams and automate complex coding workflows. It functions as a centralized platform for managing AI-driven development, enabling developers to deploy specialized agents that interact with local files, terminal commands, and external APIs to execute end-to-end software delivery tasks. The project distinguishes itself through its focus on governance and extensibility, offering a suite of security controls, policy-based execution guardrails, and audit trails t

    Checks agent-based systems against industry security standards to identify vulnerabilities and ensure compliance.

    Pythonaigithub-copilothacktoberfest
    Ver en GitHub↗35,119
  • huggingface/smolagentsAvatar de huggingface

    huggingface/smolagents

    27,885Ver en GitHub↗

    This framework provides a development toolkit for building autonomous agents that utilize language models to solve complex, non-deterministic tasks. Its core design centers on a code-executing architecture where agents generate and run Python code snippets to perform logic, data manipulation, and tool interactions. By moving beyond structured data formats, the system enables agents to manage program flow and object state through iterative reasoning cycles. The project distinguishes itself through its focus on code-based agent implementation and secure execution environments. Developers can ch

    Implements security measures and sandboxing to protect against risks associated with agent-generated code.

    Python
    Ver en GitHub↗27,885
  • fosrl/pangolinAvatar de fosrl

    fosrl/pangolin

    21,255Ver en GitHub↗

    Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n

    Enforces token-based authentication for secure data exchange between monitoring agents and the central dashboard.

    TypeScriptcrowdsecdockerhome-lab
    Ver en GitHub↗21,255
  • nirdiamant/agents-towards-productionAvatar de NirDiamant

    NirDiamant/agents-towards-production

    17,375Ver en GitHub↗

    This project is a comprehensive framework for developing, orchestrating, and deploying autonomous agents. It provides a structured environment for building agents that utilize reasoning loops to perform multi-step tasks, manage state through graph-based workflows, and interact with external tools. By mapping unstructured model outputs into typed schemas, the framework ensures reliable integration with downstream application logic. The platform distinguishes itself through a focus on production-grade reliability and security. It incorporates hybrid memory systems that combine vector embeddings

    Implements safety protocols, input validation, and human-in-the-loop workflows to secure agent operations.

    Jupyter Notebookagentagent-frameworkagents
    Ver en GitHub↗17,375
  • aws/aws-cdkAvatar de aws

    aws/aws-cdk

    12,817Ver en GitHub↗

    The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It

    Manages authentication and access control for agents by integrating with existing identity providers.

    TypeScriptawscloud-infrastructurehacktoberfest
    Ver en GitHub↗12,817
  • crowdsecurity/crowdsecAvatar de crowdsecurity

    crowdsecurity/crowdsec

    12,574Ver en GitHub↗

    CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl

    Allows administrators to verify the connectivity and operational health of security agents.

    Goattacks-preventiondetectionids
    Ver en GitHub↗12,574
  • golang-jwt/jwtAvatar de golang-jwt

    golang-jwt/jwt

    8,908Ver en GitHub↗

    This project is a JSON Web Token implementation library and toolkit for encoding, signing, and validating tokens. It provides the necessary functions to manage token claims and payloads for user authentication and authorization. The library supports both symmetric and asymmetric cryptography, allowing for the use of shared secrets or public-private key pairs. It enables the creation of signed tokens and the verification of their authenticity and integrity to prevent data tampering. The toolkit covers a broad range of identity and access control capabilities, including the embedding of custom

    Decodes tokens and validates signatures to ensure payload integrity and authenticity.

    Goauthed25519go
    Ver en GitHub↗8,908
  • lastmile-ai/mcp-agentAvatar de lastmile-ai

    lastmile-ai/mcp-agent

    8,037Ver en GitHub↗

    mcp-agent is a framework for building AI agents that integrate with Model Context Protocol servers to execute tools and access data. It functions as a multi-agent orchestrator and protocol-compliant server, enabling the creation of agents that can discover and invoke tools from connected external servers. The project distinguishes itself through a durable workflow engine that supports long-running tasks capable of pausing, resuming, and surviving restarts. It implements complex orchestration patterns, including iterative evaluator-optimizer loops, hierarchical workflow nesting, and specialist

    Handles the acquisition and storage of secure tokens to authenticate communication between agents and protocol servers.

    Pythonagentsaiai-agents
    Ver en GitHub↗8,037
  • mervinpraison/praisonaiAvatar de MervinPraison

    MervinPraison/PraisonAI

    5,592Ver en GitHub↗

    PraisonAI is an autonomous AI agent platform that coordinates multiple LLM-powered agents for research, planning, and execution of complex workflows. It functions as a multi-agent orchestration framework, a workflow builder, and a Model Context Protocol server, while also providing retrieval-augmented generation through vector knowledge bases. Agents can interact via CLI, web, or standardized protocols with sandboxed code execution. The platform distinguishes itself with a rich set of agent communication protocols, including A2A, REST, WebSocket, voice and telephony integration, and MCP, allo

    Activates injection defense and audit logging across all agents with a single call.

    Pythonagentsaiai-agent-framework
    Ver en GitHub↗5,592
  • bc-security/empireAvatar de BC-SECURITY

    BC-SECURITY/Empire

    5,045Ver en GitHub↗

    Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules. What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each

    Establishes encrypted communications between the control server and agents using a two-stage key exchange.

    PowerShellc2empirehacktoberfest
    Ver en GitHub↗5,045
  • microsoft/agent-governance-toolkitAvatar de microsoft

    microsoft/agent-governance-toolkit

    4,522Ver en GitHub↗

    El agent-governance-toolkit es un framework para aplicar políticas de seguridad, gestionar identidades de confianza cero (zero-trust) y aislar (sandbox) la ejecución de agentes de IA autónomos. Proporciona una capa de gobernanza diseñada para controlar el comportamiento de los agentes mediante el uso de un motor de políticas de seguridad, gestión de identidad criptográfica y un sandbox de ejecución en tiempo de ejecución. El proyecto se distingue por un sistema de anillos de privilegios de múltiples niveles y una malla de identidad criptográfica que asegura la comunicación entre entidades autónomas. Implementa un mecanismo de puntuación de confianza basado en decaimiento para rastrear la confiabilidad de la entidad y utiliza registros de auditoría encadenados por hash y a prueba de manipulaciones para mantener un historial verificable de ejecución. El toolkit cubre una amplia gama de áreas de capacidad, incluyendo seguridad de prompts para defenderse contra ataques de inyección, mapeo automatizado de cumplimiento frente a estándares regulatorios y orquestación de flujos de trabajo autónomos utilizando patrones de saga. También cuenta con monitoreo de flota para rastrear la salud y los límites de gasto, así como aislamiento de ejecución de herramientas para restringir el acceso no autorizado a recursos. Se proporciona una interfaz de línea de comandos para ejecutar señales de control, validar políticas de gobernanza y gestionar la instalación de extensiones.

    Identifies and mitigates vulnerabilities in AI agents based on industry standards like the OWASP Agentic Top 10.

    Python
    Ver en GitHub↗4,522
  • panaversity/learn-agentic-aiAvatar de panaversity

    panaversity/learn-agentic-ai

    3,908Ver en GitHub↗

    This project is an educational curriculum and architectural framework for building autonomous AI agents and multi-agent systems. It provides a structured learning path focused on the development of independent software components capable of planning, executing tasks, and utilizing external tools to achieve high-level goals. The framework emphasizes multi-agent system orchestration through distributed architectures where specialized agents collaborate using standardized communication protocols. It details specific design patterns such as dual-memory systems for maintaining short-term plans and

    Implements token and API key authentication to verify agent identity and authorize requests.

    Jupyter Notebooka2aagentic-aidapr
    Ver en GitHub↗3,908
  • velocidex/velociraptorAvatar de Velocidex

    Velocidex/velociraptor

    3,769Ver en GitHub↗

    Velociraptor is a digital forensics and incident response platform, endpoint detection and response system, and visibility tool. It provides a query engine and remote forensic collector used to hunt for indicators of compromise and perform triage across a fleet of hosts. The system is distinguished by its specialized query language for interrogating host state and parsing binary files. It features a notebook environment that combines markdown documentation with executable query cells to standardize investigative workflows and enable collaborative reporting. The platform covers a wide range o

    Provides utilities to purge stale or inactive endpoint registrations from the server based on age thresholds.

    Godigital-forensicsendpoint-discoveryendpoint-protection
    Ver en GitHub↗3,769
  • datawhalechina/vibe-vibeAvatar de datawhalechina

    datawhalechina/vibe-vibe

    3,126Ver en GitHub↗

    vibe-vibe is an LLM agent engineering framework and toolchain optimizer designed for orchestrating multi-agent systems. It serves as a comprehensive guide and methodology for transforming conceptual ideas into deployed applications through agentic software engineering. The project focuses on the orchestration of specialized AI agent roles with defined collaboration boundaries and iterative feedback loops. It provides frameworks for toolchain optimization, including the selection and evaluation of protocols that extend model capabilities and the design of standardized tool interfaces. The sys

    Determines appropriate isolation levels across tool and execution layers to secure autonomous agent systems.

    agentagentic-aiai
    Ver en GitHub↗3,126
  • moonshotai/kimi-codeAvatar de MoonshotAI

    MoonshotAI/kimi-code

    2,473Ver en GitHub↗

    Kimi-code is a command-line interface and orchestration framework designed to integrate autonomous AI agents into software development workflows. It functions as a terminal-based assistant that manages multi-step coding tasks, including planning, file system modifications, shell command execution, and test running, all while maintaining conversational context within a local development environment. The project distinguishes itself through a focus on secure, autonomous agent orchestration and granular control over AI interactions. It enforces strict security by requiring explicit user approval

    Verifies agent identity using secure tokens for authorized operations on external platforms.

    TypeScript
    Ver en GitHub↗2,473
  • fetchai/innovation-lab-examplesAvatar de fetchai

    fetchai/innovation-lab-examples

    1,028Ver en GitHub↗

    This project provides a comprehensive framework for building, deploying, and orchestrating autonomous agents within a decentralized network. It serves as a collection of patterns and examples for developing intelligent software entities capable of performing complex tasks, making decisions, and interacting with other agents to achieve shared goals. The framework distinguishes itself through its focus on multi-agent orchestration and decentralized communication. It enables the coordination of specialized agent teams that collaborate on workflows through structured messaging protocols, allowing

    Secures agentic architectures by restricting public exposure to a primary orchestrator while keeping workers local.

    Python
    Ver en GitHub↗1,028
  1. Home
  2. Security & Cryptography
  3. Agent Security

Explorar subetiquetas

  • Agent Registration UtilitiesCommand-line tools for automating the secure registration and provisioning of security agents. **Distinct from Agent Security:** Distinct from Agent Security: focuses on the registration and lifecycle management of agents rather than their internal security hardening.
  • Global Security PoliciesApplies injection defense and audit logging across all agents with a single configuration call. **Distinct from Agent Security:** Distinct from Agent Security: focuses on global application of security measures across all agents without per-agent configuration.
  • Isolation Layer DesignDesign of boundaries between tool and execution layers to prevent unauthorized agent actions. **Distinct from Agent Security:** Focuses on the structural isolation of layers rather than general security auditing of configurations.
  • Security Agent Inspectors1 sub-etiquetaUtilities for retrieving status and configuration details of security agent instances. **Distinct from Agent Security:** Distinct from Agent Security: focuses on the inspection and health monitoring of agents rather than securing the agent architecture itself.
  • Security Agent RevocationsUtilities for removing and revoking access for registered security agents. **Distinct from Agent Security:** Distinct from Agent Security: focuses on the removal and lifecycle management of agents rather than securing the agent architecture.
  • Token AuthenticationMechanisms for verifying agent identity using secure tokens. **Distinct from Agent Security:** Focuses on token-based authentication for agent communication, distinct from general agent security auditing.
  • Two-Stage Key ExchangesEstablishment of encrypted communications between the control server and agents using a two-stage key exchange and encrypted routing. **Distinct from Agent Security:** Distinct from Agent Security: covers the two-stage key exchange for secure staging, not general agent security auditing.