
Agent Immune
@denial-web
About Agent Immune
Adaptive security toolkit for AI agents. Assess inputs for prompt injection, scan outputs for credential/PII leaks, teach new attack patterns to semantic memory, harden prompts with role-lock and sandboxing, and monitor metrics — all locally via MCP. Zero false positives on bench
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"agent-immune": {
"command": "python",
"args": [
"-m",
"agent_immune",
"serve",
"--transport",
"stdio"
]
}
}
}Tools
5score text for prompt injection threats
scan output for credentials, PII, and exfiltration
teach new attack patterns to semantic memory
apply role-lock, sandboxing, and output guards
observability snapshot (counts, latency)
Overview
What is Agent Immune?
Agent Immune is an adaptive security toolkit for AI agents that runs locally via the Model Context Protocol (MCP). It provides tools to assess inputs and outputs for threats, learn new attack patterns, harden prompts, and expose observability metrics, targeting developers building secure AI agent workflows.
How to use Agent Immune?
Install it with pip install 'agent-immune[mcp]' and serve it via python -m agent_immune serve --transport stdio. Once running, an MCP host can invoke its five tools: assess_input, assess_output, learn_threat, harden_prompt, and get_metrics.
Key features of Agent Immune
- Zero false positives on benchmark evaluations.
- 179 automated tests with 94% code coverage.
- Semantic memory catches rephrased attacks that bypass regex.
- Provides prompt hardening via role-lock, sandboxing, and output guards.
- Observability snapshot through
get_metricstool. - Licensed under Apache-2.0.
Use cases of Agent Immune
- Detect prompt injection threats in user-supplied text before it reaches the AI agent.
- Scan agent outputs for credentials, PII, and data exfiltration.
- Teach the system new attack patterns on the fly to adapt to emerging threats.
- Harden agent prompts with role-lock and sandboxing guards to prevent misuse.
- Monitor security metrics and latency through the observability snapshot.
FAQ from Agent Immune
What does “zero false positives on benchmarks” mean?
On the benchmarks used in testing, no legitimate inputs were incorrectly flagged as threats, ensuring low friction for normal agent operation.
How does Agent Immune differ from simple regex-based filters?
Agent Immune uses semantic memory that can recognize rephrased or novel attack patterns, whereas static regex rules often miss variations and produce false negatives.
Is Agent Immune a cloud service?
No. It runs entirely locally via the MCP protocol; no data is sent to external servers unless the user explicitly configures it.
What transport does Agent Immune use?
The server is started with --transport stdio, so it communicates over standard input/output with the MCP host.
What are the runtime dependencies?
The package is installed via pip and requires Python. The agent-immune[mcp] extra pulls in MCP dependencies, and the tool operates as a standard Python process.
More AI & Agents MCP servers
meGPT - upload an author's content into an LLM
adriancoCode to process many kinds of content by an author into an MCP server
Solon Ai
opensolonJava AI application development framework (supports LLM-tool,skill; RAG; MCP; Agent-ReAct,Team-Agent). Compatible with java8 ~ java25. It can also be embedded in SpringBoot, jFinal, Vert.x, Quarkus, and other frameworks.
Model Context Protocol for Unreal Engine
chongdashuEnable AI assistant clients like Cursor, Windsurf and Claude Desktop to control Unreal Engine through natural language using the Model Context Protocol (MCP).
1Panel
1Panel-dev🔥 1Panel is a modern, open-source VPS control panel — and the only one with native AI agent support. Run Ollama models, deploy OpenClaw agents, and manage your entire server stack from one clean web interface.
Open Multi-Agent Canvas
CopilotKitThe open-source multi-agent chat interface that lets you manage multiple agents in one dynamic conversation and add MCP servers for deep research
Comments