Find. Fix. Prove.
Open-source identity, testing, and compliance for AI agents and MCP servers.
From the founders of CyberSecurity NonProfit (12,000+ security professionals)
Agents operate without cryptographic identity. You can't verify who did what.
Your agents connect blindly to untrusted services. No attestation, no verification.
No audit trail. No logs. You find out about breaches weeks later.
AI agents are the fastest-growing class of non-human identity — but they're invisible to traditional IAM and NHI tools.
Six open-source tools that cover every OASB control — from identity to testing to compliance.
Agent Identity Management (aim-sdk) — cryptographic identity, access control, audit logging for AI agents.
$ pip install aim-sdk

hackmyagent — security scanner and red-team toolkit. 147 checks, 55 attack payloads, auto-fix with rollback.
$ npx hackmyagent secure

secretless-ai — blocks AI coding tools from reading credentials. PreToolUse hooks, 20+ file patterns, 12 secret detectors.
$ npx secretless-ai init

Damn Vulnerable AI Agent (DVAA) — 10 intentionally vulnerable agents, 8 attack classes, CTF challenges.
$ docker run -p 3000:3000 opena2a/dvaa

Open Agent Security Benchmark (OASB) — 46 controls, 3 maturity levels, SOC 2 / ISO 27001 / NIST CSF mapping.
$ npx hackmyagent secure --benchmark oasb-1

skillguard-openclaw — security plugins for OpenClaw bots: credential vaults, skill integrity, config signing, and more.
$ npm install @opena2a/skillguard-openclaw

Python, Java, and TypeScript SDKs with LangChain, CrewAI, Spring AI, and MCP integrations.
from aim_sdk import secure

# One line: cryptographic identity, audit logging, trust scoring
agent = secure("my-agent")

# Wrap any action with capability enforcement. The decorator checks that the
# agent holds the declared capability ("db:read" on resource "users") before
# the function body runs. `database` is your application's own data-access layer.
@agent.perform_action("db:read", resource="users")
def get_user_data(user_id: str):
    return database.query(user_id)

# MCP servers auto-discovered and attested
# All actions logged with full audit trail
# Trust score updated in real-time

The Open Agent Security Benchmark defines 46 controls across 10 categories. The list below gives, one line per category, what the OpenA2A tools cover in each.
Ed25519 keypairs, ownership registry, provenance via SBOM
Declared capabilities, runtime enforcement, least privilege
12 prompt injection payloads, boundary enforcement testing
Output validation checks, data exfiltration detection
Removes secrets from AI context, env var isolation, hooks
SkillGuard hash pinning, SignCrypt signing, dependency scanning
Mutual authentication, message integrity, trust boundaries
10 context manipulation payloads, conversation integrity testing
147 configuration checks, network isolation, sandbox detection
Audit logging, 8-factor trust scoring, security alerts, kill switch
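The SDK snippet and the OASB rows above describe three controls together: capabilities declared up front and enforced at call time, an audit trail that records every action, and hash pinning of loaded skills. The following is an added example, not OpenA2A's code and not the aim-sdk API, that implements a minimal version of each in plain Python so the mechanics can be read and run offline. The class and function names (`Agent`, `AuditLog`, `load_pinned_skill`, `CapabilityDenied`) are hypothetical stand-ins; the audit log is chained with HMAC-SHA256 from the standard library in place of the Ed25519 signatures the page mentions, and the user table and skill source are constructed sample data.

```python
# Added example (not OpenA2A code). Three OASB-style controls in stdlib Python:
#  1. declared capabilities enforced at call time (least privilege),
#  2. a tamper-evident audit log (hash-chained HMAC-SHA256, a stand-in for
#     the Ed25519 signatures described on the page),
#  3. hash-pinned skill loading (SkillGuard-style hash pinning).
import hashlib
import hmac
import json
from typing import Any, Callable


class CapabilityDenied(PermissionError):
    """Raised when an agent invokes an action outside its declared capabilities."""


class AuditLog:
    """Append-only log; each entry's MAC covers the previous entry's MAC, so
    editing, deleting or reordering any entry invalidates everything after it."""

    GENESIS = b"\x00" * 32

    def __init__(self, key: bytes) -> None:
        self._key = key
        self.entries: list[dict[str, Any]] = []

    def _mac(self, prev: bytes, event: dict[str, Any]) -> bytes:
        body = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self._key, prev + body, hashlib.sha256).digest()

    def append(self, event: dict[str, Any]) -> None:
        prev = bytes.fromhex(self.entries[-1]["mac"]) if self.entries else self.GENESIS
        self.entries.append({"event": event, "mac": self._mac(prev, event).hex()})

    def verify(self) -> bool:
        prev = self.GENESIS
        for entry in self.entries:
            expected = self._mac(prev, entry["event"])
            if not hmac.compare_digest(expected.hex(), entry["mac"]):
                return False
            prev = expected
        return True


class Agent:
    """Hypothetical stand-in for aim_sdk.secure(): capabilities are declared once;
    every wrapped action is checked against them and written to the audit log."""

    def __init__(self, name: str, capabilities: set[str], log_key: bytes) -> None:
        self.name = name
        self.capabilities = frozenset(capabilities)
        self.audit = AuditLog(log_key)

    def perform_action(self, capability: str, resource: str) -> Callable:
        def decorator(fn: Callable) -> Callable:
            def wrapper(*args: Any, **kwargs: Any) -> Any:
                allowed = capability in self.capabilities
                # Denied attempts are logged too: they are the interesting events.
                self.audit.append({"agent": self.name, "capability": capability,
                                   "resource": resource, "action": fn.__name__,
                                   "args": [str(a) for a in args], "allowed": allowed})
                if not allowed:
                    raise CapabilityDenied(f"{self.name} lacks capability {capability!r}")
                return fn(*args, **kwargs)
            return wrapper
        return decorator


def load_pinned_skill(source: str, pinned_sha256: str) -> str:
    """Hash pinning: refuse a skill whose bytes differ from the recorded digest."""
    digest = hashlib.sha256(source.encode()).hexdigest()
    if not hmac.compare_digest(digest, pinned_sha256):
        raise ValueError("skill hash mismatch: refusing to load")
    return source


# Constructed sample data, not taken from any real system.
USERS = {"42": {"name": "alice", "role": "admin"}}
SKILL_SOURCE = "def summarize(text): return text[:80]\n"
SKILL_PIN = hashlib.sha256(SKILL_SOURCE.encode()).hexdigest()


def demo() -> dict[str, Any]:
    agent = Agent("my-agent", {"db:read"}, log_key=b"demo-audit-key")

    @agent.perform_action("db:read", resource="users")
    def get_user_data(user_id: str) -> dict[str, str]:
        return USERS[user_id]

    @agent.perform_action("db:write", resource="users")  # never granted above
    def delete_user(user_id: str) -> None:
        USERS.pop(user_id, None)

    read = get_user_data("42")
    try:
        delete_user("42")
        write_denied = False
    except CapabilityDenied:
        write_denied = True

    intact = agent.audit.verify()
    agent.audit.entries[1]["event"]["allowed"] = True  # tamper: rewrite the denial
    tamper_detected = not agent.audit.verify()

    skill_ok = load_pinned_skill(SKILL_SOURCE, SKILL_PIN) == SKILL_SOURCE
    try:
        load_pinned_skill(SKILL_SOURCE + "import os\n", SKILL_PIN)
        tampered_skill_rejected = False
    except ValueError:
        tampered_skill_rejected = True

    return {"read": read, "write_denied": write_denied, "user_still_present": "42" in USERS,
            "log_intact_before_tamper": intact, "tamper_detected": tamper_detected,
            "skill_ok": skill_ok, "tampered_skill_rejected": tampered_skill_rejected,
            "log_entries": len(agent.audit.entries)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two design points carry over to any real deployment: the denied call is still written to the log before the exception is raised, because out-of-scope attempts are what an incident responder wants to see; and the log's verification key must live somewhere the agent process cannot reach, otherwise a compromised agent can recompute the chain after editing it. The real SDK's Ed25519 signatures address that second point by letting a verifier hold only the public key.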