
Agent Immune
@denial-web
About Agent Immune
Adaptive security toolkit for AI agents. Assess inputs for prompt injection, scan outputs for credential/PII leaks, teach new attack patterns to semantic memory, harden prompts with role-lock and sandboxing, and monitor metrics — all locally via MCP. Zero false positives on bench
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"agent-immune": {
"command": "python",
"args": [
"-m",
"agent_immune",
"serve",
"--transport",
"stdio"
]
}
}
}Tools
5score text for prompt injection threats
scan output for credentials, PII, and exfiltration
teach new attack patterns to semantic memory
apply role-lock, sandboxing, and output guards
observability snapshot (counts, latency)
Overview
What is Agent Immune?
Agent Immune is an adaptive security toolkit for AI agents that runs locally via the Model Context Protocol (MCP). It provides tools to assess inputs and outputs for threats, learn new attack patterns, harden prompts, and expose observability metrics, targeting developers building secure AI agent workflows.
How to use Agent Immune?
Install it with pip install 'agent-immune[mcp]' and serve it via python -m agent_immune serve --transport stdio. Once running, an MCP host can invoke its five tools: assess_input, assess_output, learn_threat, harden_prompt, and get_metrics.
Key features of Agent Immune
- Zero false positives on benchmark evaluations.
- 179 automated tests with 94% code coverage.
- Semantic memory catches rephrased attacks that bypass regex.
- Provides prompt hardening via role-lock, sandboxing, and output guards.
- Observability snapshot through
get_metricstool. - Licensed under Apache-2.0.
Use cases of Agent Immune
- Detect prompt injection threats in user-supplied text before it reaches the AI agent.
- Scan agent outputs for credentials, PII, and data exfiltration.
- Teach the system new attack patterns on the fly to adapt to emerging threats.
- Harden agent prompts with role-lock and sandboxing guards to prevent misuse.
- Monitor security metrics and latency through the observability snapshot.
FAQ from Agent Immune
What does “zero false positives on benchmarks” mean?
On the benchmarks used in testing, no legitimate inputs were incorrectly flagged as threats, ensuring low friction for normal agent operation.
How does Agent Immune differ from simple regex-based filters?
Agent Immune uses semantic memory that can recognize rephrased or novel attack patterns, whereas static regex rules often miss variations and produce false negatives.
Is Agent Immune a cloud service?
No. It runs entirely locally via the MCP protocol; no data is sent to external servers unless the user explicitly configures it.
What transport does Agent Immune use?
The server is started with --transport stdio, so it communicates over standard input/output with the MCP host.
What are the runtime dependencies?
The package is installed via pip and requires Python. The agent-immune[mcp] extra pulls in MCP dependencies, and the tool operates as a standard Python process.
More AI & Agents MCP servers
MCP Manager for Claude Desktop
zueaisimple web ui to manage mcp (model context protocol) servers in the claude app
Mcp Agent
lastmile-aiBuild effective agents using Model Context Protocol and simple workflow patterns
21st.dev Magic AI Agent
21st-devIt's like v0 but in your Cursor/WindSurf/Cline. 21st dev Magic MCP server for working with your frontend like Magic
Perplexity Ask MCP Server
ppl-aiThe official MCP server implementation for the Perplexity API Platform
🔎 GPT Researcher
assafelovicAn autonomous agent that conducts deep research on any data using any LLM providers
Comments