prompt-injection

Open-source security scanner for AI agents, MCP servers, and agent skills. It auto-discovers installed agent components and checks them for prompt injection, tool poisoning, secrets, malware payloads, and related risks.

An OWASP incubator project that protects AI agent memory from prompt injection, secret leakage, and tampering. It includes a Python library, policy-based controls, benchmarks, and integrations for agent frameworks like LangChain and AutoGen.

Open-source authorization engine for AI agents that adds confidence-based gating, human review, policy-as-code, and audit logging. The repo shows quickstart code, local demo steps, SDK installs, and self-hosting options.

NILScript is an open standard and CLI toolkit for letting AI agents act on real systems through a gated propose → approve → commit → rollback flow. The page shows a live playground, quickstart commands, and benchmark claims around unauthorized writes.

A Blue41 case study on how a banking AI assistant could be abused through indirect prompt injection, and what mitigation layers help reduce the risk.

Jo is a secure programming language designed to help catch prompt injection and other unsafe behavior at compile time by enforcing explicit capability boundaries. The repository shows the language’s security model, code examples, installation flow, and current project status.

An open-source experiment that adds a small zero-initialized overlay layer to a frozen GPT-2 so its behavior can be adjusted at inference time without retraining the base model.