
Agent Immune
@denial-web
About Agent Immune
Adaptive security toolkit for AI agents. Assess inputs for prompt injection, scan outputs for credential/PII leaks, teach new attack patterns to semantic memory, harden prompts with role-lock and sandboxing, and monitor metrics — all locally via MCP. Zero false positives on bench
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"agent-immune": {
"command": "python",
"args": [
"-m",
"agent_immune",
"serve",
"--transport",
"stdio"
]
}
}
}Tools
5score text for prompt injection threats
scan output for credentials, PII, and exfiltration
teach new attack patterns to semantic memory
apply role-lock, sandboxing, and output guards
observability snapshot (counts, latency)
Overview
What is Agent Immune?
Agent Immune is an adaptive security toolkit for AI agents that runs locally via the Model Context Protocol (MCP). It provides tools to assess inputs and outputs for threats, learn new attack patterns, harden prompts, and expose observability metrics, targeting developers building secure AI agent workflows.
How to use Agent Immune?
Install it with pip install 'agent-immune[mcp]' and serve it via python -m agent_immune serve --transport stdio. Once running, an MCP host can invoke its five tools: assess_input, assess_output, learn_threat, harden_prompt, and get_metrics.
Key features of Agent Immune
- Zero false positives on benchmark evaluations.
- 179 automated tests with 94% code coverage.
- Semantic memory catches rephrased attacks that bypass regex.
- Provides prompt hardening via role-lock, sandboxing, and output guards.
- Observability snapshot through
get_metricstool. - Licensed under Apache-2.0.
Use cases of Agent Immune
- Detect prompt injection threats in user-supplied text before it reaches the AI agent.
- Scan agent outputs for credentials, PII, and data exfiltration.
- Teach the system new attack patterns on the fly to adapt to emerging threats.
- Harden agent prompts with role-lock and sandboxing guards to prevent misuse.
- Monitor security metrics and latency through the observability snapshot.
FAQ from Agent Immune
What does “zero false positives on benchmarks” mean?
On the benchmarks used in testing, no legitimate inputs were incorrectly flagged as threats, ensuring low friction for normal agent operation.
How does Agent Immune differ from simple regex-based filters?
Agent Immune uses semantic memory that can recognize rephrased or novel attack patterns, whereas static regex rules often miss variations and produce false negatives.
Is Agent Immune a cloud service?
No. It runs entirely locally via the MCP protocol; no data is sent to external servers unless the user explicitly configures it.
What transport does Agent Immune use?
The server is started with --transport stdio, so it communicates over standard input/output with the MCP host.
What are the runtime dependencies?
The package is installed via pip and requires Python. The agent-immune[mcp] extra pulls in MCP dependencies, and the tool operates as a standard Python process.
More AI & Agents MCP servers
Perplexity MCP Server
DaInfernalCoderA Model Context Protocol (MCP) server for research and documentation assistance using Perplexity AI. Won 1st @ Cline Hackathon
MCP Manager for Claude Desktop
zueaisimple web ui to manage mcp (model context protocol) servers in the claude app
Perplexity Ask MCP Server
ppl-aiThe official MCP server implementation for the Perplexity API Platform
mcp-hfspace MCP Server 🤗
evalstateMCP Server to Use HuggingFace spaces, easy configuration and Claude Desktop mode.
Hass-MCP
voskaControl and query Home Assistant from Claude and other LLMs — a Model Context Protocol (MCP) server.
Comments