# tencent/ai-infra-guard

2,971 stars · 294 forks · Python · other

## Links

- GitHub: https://github.com/Tencent/AI-Infra-Guard
- Homepage: https://tencent.github.io/AI-Infra-Guard/
- awesome-repositories: https://awesome-repositories.com/repository/tencent-ai-infra-guard.md

## Topics

`agent` `agent-scan` `agentskills` `ai` `ai-infra` `benchmark` `jailbreak` `llm` `llm-security` `mcp` `openclaw` `openclaw-security` `red-teaming` `scanner` `security` `security-tools` `skill-scan` `skills` `vulnerability-scanners`

## Description

AI-Infra-Guard is a security scanning platform designed to detect vulnerabilities across large language model deployments, AI agent skills, and the underlying infrastructure. It functions as a security toolset for auditing source code, evaluating model robustness, and identifying insecure network configurations.

The project provides a red teaming framework that uses curated attack datasets to test for jailbreak vulnerabilities and prompt injections. It also includes an infrastructure auditor that employs network fingerprinting and asset discovery to match running components against known common vulnerabilities and exposures databases.

The system covers a broad range of security assessment capabilities, including agent workflow auditing, remote source code scanning, and automated security pipelines. These processes are accessible via programmatic interfaces for triggering audits and system integrity checks.

## Tags

### Security & Cryptography

- [LLM Security](https://awesome-repositories.com/f/security-cryptography/security/ai-and-machine-learning/llm-security.md) — Provides a comprehensive platform for identifying and mitigating security vulnerabilities specific to LLM deployments.
- [Agent Security Auditing](https://awesome-repositories.com/f/security-cryptography/agent-security-auditing.md) — Scans AI agent configurations, source code, and remote endpoints for vulnerabilities and injection risks.
- [CVE Mapping](https://awesome-repositories.com/f/security-cryptography/compliance-standards/vulnerability-mapping/cve-mapping.md) — Links detected infrastructure software versions to known CVE identifiers using network fingerprinting. ([source](https://cdn.jsdelivr.net/gh/tencent/ai-infra-guard@main/README.md))
- [Infrastructure Fingerprinters](https://awesome-repositories.com/f/security-cryptography/device-fingerprinting/fingerprint-configuration/tls-fingerprinting/infrastructure-fingerprinters.md) — Detects running infrastructure components and configurations through network probing to map the attack surface.
- [File and URL Scans](https://awesome-repositories.com/f/security-cryptography/remote-security-scanning/file-and-url-scans.md) — Analyzes remote URLs and source files to detect security risks within AI agent skills and servers.
- [Adversarial Red Teaming Toolkits](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/analysis-discovery-tooling/adversarial-testing-resources/adversarial-red-teaming-toolkits.md) — Provides a framework for testing model robustness against safety guardrails using adversarial red teaming techniques.
- [Vulnerability Matching](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/research-reference-knowledge/vulnerability-databases/vulnerability-matching.md) — Compares detected network fingerprints and software versions against known CVE databases to identify insecure components.
- [AI Agent Scanners](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/vulnerability-assessment-tools/vulnerability-scanners/ai-agent-scanners.md) — Provides a dedicated tool for auditing the source code and remote endpoints of AI agent skills.
- [AI Model Vulnerabilities](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/ai-model-vulnerabilities.md) — Provides a red teaming framework to evaluate and identify jailbreak vulnerabilities and security risks in large language models. ([source](https://tencent.github.io/AI-Infra-Guard/))

### Artificial Intelligence & ML

- [Adversarial Robustness Testing](https://awesome-repositories.com/f/artificial-intelligence-ml/machine-learning/infrastructure/model-evaluation-and-validation/model-capability-assessment/adversarial-robustness-testing.md) — Evaluates model stability and security using adversarial attack methods and curated datasets.
- [Model Red-Teaming](https://awesome-repositories.com/f/artificial-intelligence-ml/model-red-teaming.md) — Evaluates model robustness using curated attack datasets to detect potential jailbreak vulnerabilities.

### DevOps & Infrastructure

- [Infrastructure Scanning](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-scanning.md) — Scans the infrastructure supporting AI systems to detect security weaknesses and facilitate risk self-examination. ([source](https://tencent.github.io/AI-Infra-Guard/))
- [AI Infrastructure Auditors](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-scanning/ai-powered-infrastructure-scans/ai-infrastructure-auditors.md) — Identifies CVEs and insecure configurations within the network components supporting AI agents.
- [Infrastructure Security Audits](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-scanning/infrastructure-health-scans/infrastructure-security-audits.md) — Performs automated security assessments of network assets and cloud infrastructure supporting AI environments.
- [Security Testing Pipelines](https://awesome-repositories.com/f/devops-infrastructure/security-automation-workflows/security-testing-pipelines.md) — Implements automated workflows that orchestrate a sequence of infrastructure audits and model evaluations for continuous risk assessment.
- [Vulnerability Management](https://awesome-repositories.com/f/devops-infrastructure/vulnerability-management.md) — Monitors and identifies known security flaws in infrastructure components by matching them against CVE databases.

### Part of an Awesome List

- [AI Application Security](https://awesome-repositories.com/f/awesome-lists/ai/ai-application-security.md) — Security assessment tool for AI infrastructure and LLM deployments.
