All projects.

Unified CLI for the OpenA2A security toolchain. Shadow AI detection, identity, governance, scanning, protection.

209 static security checks, 29 NanoMind semantic checks, and 164 adversarial payloads for AI agents.

Cryptographic identity, capability authorization, and audit trails for AI agents. Python, Java, TypeScript SDKs.

Keep API keys invisible to AI coding tools. Claude Code, Cursor, Copilot, Windsurf, Cline, Aider.

Trust score for AI packages before you install them. MCP servers, A2A agents, skills, LLM packages.

On-device intelligence for AI security tools. A 2M-param classifier and a 1.7B-param analyst.

Detect and control AI agents in the browser.

Intentionally vulnerable AI agents for security training and tool validation. The DVWA of AI agents.

Open standard for AI agent identity, capabilities, and trust.

Open standard for verifiable trust assertions about AI agents.

Agent Trust eXtension credential format. v1.1 signs capabilities, scan summary, issuer chain, and publisher over a canonical JCS (RFC 8785) projection.

W3C-style DID method for registry-resolved identifiers across registries, authorities, publishers, agents, MCP servers, AI tools, LLMs, and skills. Apache-2.0.

Resolves an agent's ATX trust into scoped resource access through a grant reference, with no credential value entering the agent context. Defines the decision and enforcement split and the Credential Provider Interface (Retrieve, Assume, Exchange).

Tactics and techniques for attacks on AI agent systems. 61 techniques across 9 tactics, mapped to MITRE, ATLAS, and OWASP.

Agent Behavioral Governance Specification. What goes in a SOUL.md file.

AI Injection Signature Standard. YARA-style signatures for AI agent prompt injections in web content.

Open Agent Security Benchmark. 222 attack scenarios mapped to MITRE ATLAS, with a product-agnostic adapter interface.

OpenTelemetry semantic conventions for AI agent authorization observability.

Reference verifiers and fixtures for ATX v1.0 and v1.1 (Agent Trust Credential).

Canonical conformance suite for A2A-IDF (Agent-to-Agent Identity Framework, a2aproject/A2A#1496).

TypeScript SDK for A2A-IDF. RFC 9421 and Ed25519 wire signatures, attestation envelopes, delegation chains. Paired with the A2A-IDF conformance suite.

Fork of an upstream AI assistant. 8 security PRs, 7 merged. 205K+ stars on the parent project.

Model Context Protocol specification. Security Extension Proposal work in flight.

Agent2Agent protocol. A2A-IDF identity framework PR #1496 in flight.

NVIDIA plugin for secure installation of the upstream AI assistant. Active vulnerability research target.

Ultra-lightweight AI assistant variant.

Official TypeScript SDK for the Model Context Protocol.

Official Python SDK for the Model Context Protocol.

Community-driven registry service for MCP servers.

Reference Model Context Protocol servers.

Conformance tests for MCP.

MCP authorization extensions.

Trust resource fork from the upstream AI assistant project.

Archive of upstream AI assistant skills.