Metadata-Version: 2.4
Name: q-uestionable-ai
Version: 0.2.0
Summary: Offensive security platform for agentic AI infrastructure
Project-URL: Homepage, https://q-uestionable.ai
Project-URL: Repository, https://github.com/q-uestionable-AI/qai
Project-URL: Issues, https://github.com/q-uestionable-AI/qai/issues
Author-email: Richard Spicer <richard@richardspicer.io>
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: ai,mcp,offensive-security,red-team,security
Classifier: Development Status :: 2 - Pre-Alpha
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Requires-Python: >=3.11
Requires-Dist: anthropic>=0.84
Requires-Dist: fastapi>=0.115
Requires-Dist: icalendar>=6.1.0
Requires-Dist: jinja2>=3.1
Requires-Dist: keyring>=25.0
Requires-Dist: litellm>=1.80
Requires-Dist: mcp<2,>=1.26
Requires-Dist: piexif>=1.1.3
Requires-Dist: pypdf>=6.7.4
Requires-Dist: python-docx>=1.2.0
Requires-Dist: python-multipart>=0.0.20
Requires-Dist: pyyaml>=6.0
Requires-Dist: reportlab>=4.4.0
Requires-Dist: requests>=2.32.0
Requires-Dist: rich>=13.0
Requires-Dist: textual>=0.80
Requires-Dist: typer>=0.9
Requires-Dist: uvicorn[standard]>=0.34
Requires-Dist: websockets>=15.0
Provides-Extra: full
Requires-Dist: chromadb<2,>=1.5; extra == 'full'
Requires-Dist: numpy>=1.26; extra == 'full'
Requires-Dist: sentence-transformers<6,>=5.2; extra == 'full'
Provides-Extra: rxp
Requires-Dist: chromadb<2,>=1.5; extra == 'rxp'
Requires-Dist: numpy>=1.26; extra == 'rxp'
Requires-Dist: sentence-transformers<6,>=5.2; extra == 'rxp'
Description-Content-Type: text/markdown

# {q-AI}

**Unified offensive security platform for agentic AI infrastructure.**

Seven research modules in one package: audit MCP servers, intercept agent traffic, test tool poisoning and prompt injection, execute multi-step attack chains, generate IPI payloads, poison coding assistant context files, and measure RAG retrieval rank. A local web UI orchestrates multi-module workflows. All findings write to a shared SQLite database.

> Research program by [Richard Spicer](https://richardspicer.io) · [{q-AI}](https://q-uestionable.ai)

---

## Install

```bash
pip install q-uestionable-ai
```

Or from source:

```bash
git clone https://github.com/q-uestionable-AI/qai.git
cd qai
uv sync --group dev
```

RXP requires optional dependencies:

```bash
pip install "q-uestionable-ai[rxp]"
```

---

## Usage

```bash
# Start the web UI (opens browser)
qai

# Audit — scan an MCP server against the OWASP MCP Top 10
qai audit scan --transport stdio --command "npx @modelcontextprotocol/server-everything"

# Proxy — intercept MCP traffic
qai proxy start --transport stdio --target-command "python my_server.py"

# Inject — run a tool poisoning campaign against any LLM provider
qai inject campaign --model anthropic/claude-sonnet-4-20250514
qai inject campaign --model openai/gpt-4o
qai inject campaign --model ollama/llama3

# Chain — execute multi-step attack chains
qai chain list-templates
qai chain run --chain-file chain.yaml --dry-run

# IPI — generate indirect prompt injection payloads
qai ipi generate --callback-url http://localhost:8080 --format pdf --output ./payloads/

# CXP — build poisoned coding assistant context repos
qai cxp build --format cursorrules --output ./test-repos/

# RXP — measure RAG retrieval rank of adversarial documents
qai rxp validate --profile rag-security --model minilm-l6
```

Full documentation at [docs.q-uestionable.ai](https://docs.q-uestionable.ai).

---

## Legal

All tools are intended for authorized security testing only. Only test systems you own, control, or have explicit permission to test. Follow responsible disclosure for all vulnerabilities discovered.

## License

[Apache 2.0](https://www.apache.org/licenses/LICENSE-2.0)

## AI Disclosure

This project uses a human-led, AI-augmented workflow. See [AI-STATEMENT.md](AI-STATEMENT.md).
