Metadata-Version: 2.4
Name: oubliette-trap
Version: 0.2.0
Summary: AI Agent Deception Platform -- honeypots, fingerprinting, and intelligence for autonomous AI threats
Author: Oubliette Security
License-Expression: Apache-2.0
Keywords: ai,security,honeypot,deception,mcp,agent,fingerprinting,threat-intelligence,llm,red-team
Requires-Python: >=3.11
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: mcp>=1.20.0
Provides-Extra: api
Requires-Dist: fastapi>=0.100.0; extra == "api"
Requires-Dist: uvicorn>=0.20.0; extra == "api"
Provides-Extra: dev
Requires-Dist: pytest>=8.0; extra == "dev"
Requires-Dist: pytest-asyncio>=1.0; extra == "dev"
Provides-Extra: test
Requires-Dist: oubliette-trap[dev]; extra == "test"
Dynamic: license-file

# Oubliette

AI Agent Deception Platform -- honeypots, fingerprinting, and intelligence for autonomous AI threats.

Shield defends. Dungeon attacks. **Oubliette traps.**

## What It Does

Oubliette deploys realistic honeypot MCP servers that attract, contain, fingerprint, and extract intelligence from AI agents. Unlike static honeypots, Oubliette generates **interconnected fake environments** where every response references shared state -- making the deception resistant to fingerprinting by sophisticated agents.

- **Deception Layer** -- 15+ honey tools per profile forming coherent fake infrastructure
- **Fingerprinting Engine** -- passive behavioral analysis + active probes classify agents as LLM, script, human, or compromised
- **Intelligence Layer** -- events persisted to SQLite, exportable as STIX 2.1, CEF, or JSON

## Quick Start

```bash
pip install oubliette-trap

# Start honeypot (stdio transport for Claude Code)
oubliette-trap serve

# Network-accessible honeypot
oubliette-trap serve --transport sse --port 8080

# With active fingerprinting probes
oubliette-trap serve --profile default --active-probes

# Export collected intelligence
oubliette-trap export --format stix --output agents.json
oubliette-trap export --format cef --output events.log
```

### With Claude Code

Add to your MCP config:
```json
{
  "mcpServers": {
    "oubliette": {
      "command": "oubliette-trap",
      "args": ["serve"]
    }
  }
}
```

## How It Works

1. Agent discovers the honeypot via MCP server listing
2. Agent calls honey tools (list_services, get_credentials, etc.)
3. Responses form a coherent fake environment with planted breadcrumbs
4. Fingerprinting engine classifies the agent type from behavioral signals
5. Optional active probes (instruction traps, canary tokens) confirm LLM agents
6. All interactions persisted and exportable as threat intelligence

## Built By

[Oubliette Security](https://oubliettesecurity.com) -- AI security, cyber deception, and red teaming for defense applications.

## License

Apache 2.0
