Metadata-Version: 2.4
Name: agent-guardian
Version: 1.0.0rc1
Summary: Adversarial swarm framework for agentic AI red-teaming. Eleven specialist agents, deterministic AIVSS score, OWASP ASI / MITRE ATLAS / CSA aligned.
Project-URL: Homepage, https://agentguardian.ai
Project-URL: Documentation, https://agentguardian.ai/docs
Project-URL: Repository, https://github.com/glacien-technologies/agent-guardian
Project-URL: Issues, https://github.com/glacien-technologies/agent-guardian/issues
Project-URL: Changelog, https://github.com/glacien-technologies/agent-guardian/blob/main/CHANGELOG.md
Author-email: "Glacien Pte. Ltd." <opensource@glacien.ai>
License: Apache-2.0
License-File: LICENSE
License-File: NOTICE
Keywords: agent,agentic-ai,aivss,llm,mitre-atlas,owasp,red-team,security
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Quality Assurance
Classifier: Topic :: Software Development :: Testing
Requires-Python: <3.14,>=3.10
Requires-Dist: cryptography>=43.0
Requires-Dist: exceptiongroup>=1.2; python_version < '3.11'
Requires-Dist: fastapi>=0.115
Requires-Dist: httpx>=0.28
Requires-Dist: jinja2>=3.1
Requires-Dist: pydantic>=2.9
Requires-Dist: pyyaml>=6.0
Requires-Dist: rich>=13.9
Requires-Dist: structlog>=24.4
Requires-Dist: textual>=0.86
Requires-Dist: typer>=0.15
Requires-Dist: uvicorn[standard]>=0.32
Provides-Extra: dev
Requires-Dist: hypothesis>=6.115; extra == 'dev'
Requires-Dist: mypy>=1.13; extra == 'dev'
Requires-Dist: pip-licenses>=5.0; extra == 'dev'
Requires-Dist: pre-commit>=4.0; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.24; extra == 'dev'
Requires-Dist: pytest-cov>=6.0; extra == 'dev'
Requires-Dist: pytest>=8.3; extra == 'dev'
Requires-Dist: respx>=0.22; extra == 'dev'
Requires-Dist: ruff>=0.8; extra == 'dev'
Provides-Extra: docs
Requires-Dist: mkdocs-material>=9.5; extra == 'docs'
Requires-Dist: mkdocs>=1.6; extra == 'docs'
Provides-Extra: full
Requires-Dist: faiss-cpu>=1.9; extra == 'full'
Requires-Dist: presidio-analyzer>=2.2; extra == 'full'
Requires-Dist: sentence-transformers>=3.3; extra == 'full'
Requires-Dist: weasyprint>=63.0; extra == 'full'
Provides-Extra: pdf-fallback
Requires-Dist: reportlab>=4.2; extra == 'pdf-fallback'
Description-Content-Type: text/markdown

# AgentGuardian Open

[![PyPI](https://img.shields.io/pypi/v/agent-guardian.svg)](https://pypi.org/project/agent-guardian/)
[![Python](https://img.shields.io/pypi/pyversions/agent-guardian.svg)](https://pypi.org/project/agent-guardian/)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](LICENSE)
[![CI](https://github.com/glacien-technologies/agent-guardian/actions/workflows/ci.yml/badge.svg)](https://github.com/glacien-technologies/agent-guardian/actions/workflows/ci.yml)
[![Docs](https://img.shields.io/badge/docs-agentguardian.ai-cyan.svg)](https://glacien-technologies.github.io/agent-guardian/)

> The first open-source adversarial-swarm framework for agentic AI
> red-teaming. Eleven specialist agents attack your AI agent in parallel
> under a Swarm Commander LLM. Output: a deterministic 0–100 **AIVSS
> score** aligned with the OWASP Top 10 for Agentic Applications 2026,
> MITRE ATLAS v5.4.0, and the CSA Agentic AI Red Teaming Guide.

## Why

Single-chain red-teaming tools send one prompt at a time. Production
agents compose tools, hold memory, talk to other agents, and run real
code — and that surface needs eleven attackers working in concert.

AgentGuardian deploys a **swarm**: a reconnaissance agent maps your
target, then ten specialist agents (one per OWASP ASI category) attack
concurrently, coordinated by a Swarm Commander that re-tasks idle agents
and stops early on convergence. Every finding is triple-tagged with
OWASP ASI, MITRE ATLAS, and CSA Agentic-RT categories.

Read the full rationale: [Why we built this](https://glacien-technologies.github.io/agent-guardian/why/).

## How it compares

| Tool             | Multi-agent swarm | Agentic-AI focus | Standards alignment             | Open formula | License     |
|------------------|:-----------------:|:----------------:|---------------------------------|:------------:|-------------|
| PyRIT            |        no         |        no        | NIST AI RMF (partial)           |    no        | MIT         |
| garak            |        no         |        no        | own taxonomy                    |    no        | Apache-2.0  |
| Promptfoo        |        no         |        no        | own taxonomy                    |    no        | MIT         |
| Inspect          |        no         |        no        | own taxonomy                    |    no        | MIT         |
| DeepTeam         |        no         |        no        | OWASP LLM Top 10                |    no        | Apache-2.0  |
| **AgentGuardian** |     **yes**       |    **yes**       | **OWASP ASI + ATLAS + CSA + AIVSS** | **yes**   | **Apache-2.0** |

## Quickstart

```bash
pip install agent-guardian

# Pick an LLM backend, or use --model stub for zero-key testing.
export OPENAI_API_KEY=sk-...

# Scan a system prompt
echo "You are a helpful customer-support bot." > prompt.txt
agent-guardian scan --system-prompt prompt.txt

# Live dashboard at http://localhost:7474
agent-guardian serve

# Marketing badge
agent-guardian badge $(agent-guardian last-score) --svg > badge.svg
```

Full walkthrough: [Five-minute quickstart](https://glacien-technologies.github.io/agent-guardian/quickstart/).

## Run with Docker

```bash
docker build -t agent-guardian:dev .
docker run --rm -p 7474:7474 agent-guardian:dev serve --host 0.0.0.0
```

Or with the bundled compose file:

```bash
docker compose up --build
```

## Architecture

```
                          ┌─────────────────────────────┐
                          │     Swarm Commander LLM     │
                          │  (orchestration & dispatch) │
                          └──────────┬──────────────────┘
                                     │
                ┌────────────────────┼────────────────────┐
                │                    │                    │
                ▼                    ▼                    ▼
        ┌──────────────┐     ┌──────────────┐     ┌──────────────┐
        │  Recon Agent │     │   Shared     │     │   Findings   │
        │  (map target)│◀───▶│ Vector Memory│◀───▶│  Aggregator  │
        └──────────────┘     └──────────────┘     └──────────────┘
                                     ▲
                ┌────────────────────┼────────────────────┐
                │   Ten ASI-aligned specialist attackers  │
                │   running in parallel                   │
                │                                         │
                │   ASI01  Goal Hijack                    │
                │   ASI02  Tool Misuse                    │
                │   ASI03  Privilege Abuse                │
                │   ASI04  Supply Chain                   │
                │   ASI05  Unauthorised Code Execution    │
                │   ASI06  Memory Poisoning               │
                │   ASI07  Agent-to-Agent Compromise      │
                │   ASI08  Cascading Failures             │
                │   ASI09  Trust Exploitation             │
                │   ASI10  Rogue Agent / Drift            │
                └─────────────────────────────────────────┘
```

Full architecture: [docs/architecture](https://glacien-technologies.github.io/agent-guardian/architecture/).

## Status

Active development, pre-1.0. The swarm, the scorer, the dashboard, and
the signed-report pipeline are all in place. v1.0 ships on PyPI at M15.

Roadmap: [docs/roadmap](https://glacien-technologies.github.io/agent-guardian/roadmap/).

## Documentation

- [Why we built this](https://glacien-technologies.github.io/agent-guardian/why/)
- [Quickstart](https://glacien-technologies.github.io/agent-guardian/quickstart/)
- [Architecture](https://glacien-technologies.github.io/agent-guardian/architecture/)
- [AIVSS formula](https://glacien-technologies.github.io/agent-guardian/aivss-formula/)
- [Adapters](https://glacien-technologies.github.io/agent-guardian/adapters/)
- [API reference](https://glacien-technologies.github.io/agent-guardian/api-reference/)
- [Ethics and responsible use](https://glacien-technologies.github.io/agent-guardian/ethics/)
- [Roadmap](https://glacien-technologies.github.io/agent-guardian/roadmap/)

## Contributing

We welcome probes, adapters, bug reports, and PRs. See
[CONTRIBUTING.md](CONTRIBUTING.md). All contributions require a
[DCO sign-off](https://developercertificate.org/).

## Security

See [SECURITY.md](SECURITY.md) for responsible-disclosure policy. If you
find a vulnerability in AgentGuardian itself, please email
[security@glacien.ai](mailto:security@glacien.ai) instead of filing a
public issue.

## Ethics

AgentGuardian Open is for testing systems you own or are explicitly
authorised to test. Use against third-party systems without
authorisation is unlawful in most jurisdictions and a violation of
these terms. See [Ethics](https://glacien-technologies.github.io/agent-guardian/ethics/).

## License

Apache License 2.0. See [LICENSE](LICENSE) and [NOTICE](NOTICE).

## Trademark

"AgentGuardian" is a trademark of Glacien Pte. Ltd. See
[TRADEMARKS.md](TRADEMARKS.md).
