agent-security-harness
Community
Validate agent security before production.
System Documentation
What problem does it solve?
Prevent authorized AI agents from being manipulated into unsafe or policy-violating behavior by testing the full protocol and decision-governance surface before you ship.
Core Features & Use Cases
- Protocol integrity testing (MCP/A2A/L402/x402): probes wire-level message handling for spoofing, replay, downgrade, diversion, capability escalation, and tool registration poisoning.
- Decision governance validation: checks whether agents should act at all under their authority using autonomy scoring, scope constraints, and unsafe-output defenses (including jailbreak and over-refusal behavior quality).
- AIUC-1 aligned evidence output: produces structured JSON reports plus control mappings for auditable, pre-certification-style workflows.
- CI/CD and MCP server mode: runs as a CI gate and can expose the harness via MCP (defaulting to stdio to minimize network surface).
Example use case: you run the harness against your MCP server and confirm that malicious tool registration or capability escalation attempts are blocked, then attach the JSON evidence to your release gate.
Quick Start
Ask the AI assistant you’re using to run: "Run agent-security-harness MCP protocol tests in simulate mode first, then rerun against my MCP server URL if the simulate checks pass."
Dependency Matrix
Required Modules
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: agent-security-harness Download link: https://github.com/msaleme/red-team-blue-team-agent-fabric/archive/main.zip#agent-security-harness Please download this .zip file, extract it, and install it in the .claude/skills/ directory.