Skip to content

JehLeeKR/self-expand-agent-security-agent

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AI Threat Defense Agent

A self-expanding AI agent system that autonomously collects emerging AI/agent security threats, builds defense layers, and tests them against realistic victim agents in Docker sandboxes.

Architecture

                           +------------------+
                           |   Threat Intel    |
                           |   Sources         |
                           | (arXiv, RSS, Web) |
                           +--------+---------+
                                    |
                           +--------v---------+
                           |    Collector      |
                           |    Manager        |
                           +--------+---------+
                                    |
                           +--------v---------+
                           |    Analyzer       |
                           | (Classify, Plan,  |
                           |  Generate Tests)  |
                           +--------+---------+
                                    |
                    +---------------+---------------+
                    |                               |
           +--------v---------+            +--------v---------+
           |   Implementer    |            |   Test Generator  |
           | (Claude Code CLI)|            |  (Attack Payloads)|
           +--------+---------+            +--------+---------+
                    |                               |
           +--------v---------+            +--------v---------+
           |  Defense Layer    |            |   Sandbox         |
           |  Registry &      |<---------->|   (Docker Victim  |
           |  Pipeline        |            |    Agent)          |
           +--------+---------+            +--------+---------+
                    |                               |
           +--------v---------+            +--------v---------+
           |   Optimizer       |<----------+   Evaluator       |
           | (Reorder, Prune)  |           | (Metrics, Report) |
           +-------------------+           +-------------------+

Quick Start

# Install dependencies
pip install -e ".[dev]"

# Set API key
export ANTHROPIC_API_KEY="your-key-here"

# Run the full cycle: collect -> analyze -> implement -> test -> optimize
python -m src.main cycle

# Or run individual steps
python -m src.main collect      # Gather threat intelligence
python -m src.main analyze      # Classify threats, plan defenses, generate tests
python -m src.main implement    # Auto-implement defense layers via Claude Code CLI
python -m src.main test         # Red team test against sandboxed victims
python -m src.main optimize     # Optimize defense layer pipeline
python -m src.main report       # Generate dashboard report
python -m src.main status       # Show system status

CLI Commands

Command Description
collect Fetch threats from arXiv, RSS feeds, vendor blogs, conference sites
analyze Classify threats, generate defense plans, create attack test payloads
implement Use Claude Code CLI to auto-implement new defense layers
test Run attack payloads against Docker-sandboxed victim agents
optimize Reorder, prune, and improve defense layer pipeline
cycle Run all steps in sequence
report Generate markdown dashboard with metrics
status Show threat counts, active layers, latest test results

Defense Layers

The defense pipeline processes inputs and outputs through ordered layers:

Input -> [InputValidator] -> [ContextIsolator] -> [ToolSandbox] -> Agent
                                                                     |
Output <- [OutputFilter] <- [RateLimiter] <---------------------- Agent
Layer Priority Defends Against
InputValidator 10 Prompt injection, jailbreak, context manipulation
ContextIsolator 20 Context manipulation, privilege escalation
ToolSandbox 30 Tool abuse, data exfiltration, privilege escalation
RateLimiter 40 Tool abuse, data exfiltration
OutputFilter 50 Data exfiltration, context manipulation

New layers are automatically generated by the Implementer when novel threats are detected that existing layers don't cover.

Victim Profiles

Three pre-configured victim profiles for realistic testing:

  • corporate_assistant: Has API keys, customer DB, internal strategy docs, PII
  • code_agent: Has source code, deployment secrets, CI/CD configs, SSH keys
  • data_analyst: Has PII datasets, financial records, patient records, salary data

Each runs in an isolated Docker container with no external network access.

Configuration

  • config/default.yaml - Main settings (scheduler, API, Docker, DB)
  • config/sources.yaml - Threat intelligence source definitions
  • config/victim_profiles.yaml - Victim agent configurations

Self-Expansion

The system automatically expands its defenses:

  1. New threat detected with no existing layer coverage
  2. DefensePlanner generates implementation spec via Claude API
  3. Implementer writes new layer code via Claude Code CLI
  4. Layer is registered in the pipeline and tested
  5. If effectiveness < threshold, implementation is retried with feedback
  6. Optimizer continuously reorders and prunes the defense stack

License

Apache License 2.0

About

Self collecting Agent threats and Self implementation

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages