MCP.so
ログイン

概要

What is Agentic Radar?

Agentic Radar is a security scanner designed to analyze and assess agentic workflows for security and operational insights. It helps developers, researchers, and security professionals understand how agentic systems function and identify potential vulnerabilities.

How to use Agentic Radar?

Install via pip, then use the scan or test commands. For example: agentic-radar scan langgraph -i path/to/folder -o report.html or agentic-radar test openai-agents "path/to/example.py". The test command requires OPENAI_API_KEY or AZURE_OPENAI_API_KEY set as an environment variable.

Key features of Agentic Radar

  • Scans agentic codebases for workflow visualization and tool identification
  • Detects MCP servers used by agents in the system
  • Maps detected tools to known vulnerabilities (OWASP LLM Top 10, OWASP Agentic AI)
  • Supports prompt hardening to improve system prompts automatically
  • Includes runtime testing for prompt injection, PII leakage, harmful content, and fake news
  • Generates a comprehensive HTML report for easy reviewing and sharing
  • Provides a CI/CD workflow example for GitHub Actions integration

Use cases of Agentic Radar

  • Security auditing of multi-agent applications before deployment
  • Identifying and mitigating prompt injection vulnerabilities in agentic workflows
  • Generating shareable security reports for compliance or team review
  • Understanding the tool landscape and MCP server dependencies of an agent system

FAQ from Agentic Radar

What frameworks does Agentic Radar support?

Scan supports LangGraph, CrewAI, n8n, OpenAI Agents, and Autogen. Test currently supports OpenAI Agents. Prompt hardening supports OpenAI Agents, CrewAI, and Autogen.

Are there any prerequisites to use Agentic Radar?

Just Python (pip) installed on your machine. Some features like runtime testing require OPENAI_API_KEY set as an environment variable.

How does the runtime testing work?

The tool injects itself into the provided agentic workflow, launches it with simulated adversarial inputs (e.g., for prompt injection), and evaluates results using an oracle LLM based on success conditions aligned with OWASP LLM Top 10.

Can I customize the tests for vulnerabilities?

Yes, you can provide a YAML file with custom test names, inputs, and success conditions using the --config option.

Where does Agentic Radar store data?

Agentic Radar runs locally on your machine. Scans and tests process your code and agent workflows in-place; reports are generated as HTML files that you can save and share. No data is sent to external servers except API calls to OpenAI when using features that require an API key.

タグ

「推論」の他のコンテンツ