Documentation

Open-source security platform for AI agents. Pick a tool to get started.

New here? Start with the CLI. One command to scan, protect, and monitor.

npx opena2a-cli init

Scan & Fix

Find vulnerabilities, test defenses, and protect credentials

OpenA2A CLI

Unified security platform. Scan, protect, monitor, and detect Shadow AI agents and MCP servers.

View Docs

HackMyAgent

Security scanner, red-team toolkit, OASB benchmark, and runtime protection. 147 security checks with auto-fix.

View Docs

Secretless

Credential protection for AI tools. Prevents key leakage in LLM contexts.

View Docs

Identity & Trust

Agent identity, browser protection, and supply chain trust

AIM

Agent Identity Management. Ed25519 identity, trust scoring, MCP security, ABOM.

View Docs

Browser Guard

Chrome extension for detecting and controlling browser-based AI agents.

View Docs

Registry

Agent trust registry and supply chain verification for the OpenA2A ecosystem.

View Docs

Train & Extend

Security training and cryptographic readiness

DVAA

Damn Vulnerable AI Agent. Intentionally vulnerable agent for security training.

View Docs

CryptoServe

Post-quantum cryptographic readiness. Inventory, assess, and upgrade crypto.

View Docs

Not sure which tool you need?

Follow the getting-started guide to find the right tool for your use case.