🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts
@jaschadub
关于 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts
AgentNull: AI System Security Threat Catalog + Proof-of-Concepts. Collection of PoCs for using Agents, MCP, and RAG in bad ways.
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"AgentNull": {
"command": "python3",
"args": [
"advanced_tool_poisoning_agent.py",
"local"
]
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts?
It is a red team-oriented catalog of attack vectors targeting AI systems, including autonomous agents (MCP, LangGraph, AutoGPT), RAG pipelines, vector databases, and embedding-based retrieval systems. Each attack vector comes with an individual proof-of-concept (PoC), a human-readable catalog entry, and a structured JSON version for SOC/SIEM ingestion. It is intended for educational and internal security research only.
How to use 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts?
Navigate into each pocs/<attack_name>/ folder and follow its README to replicate the attack scenario. For enhanced PoC demonstrations without API costs, use Ollama with local models (e.g., ollama pull gemma3), then run PoCs with python3 advanced_tool_poisoning_agent.py local or simulation mode.
Key features of 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts
- Catalog contains attack vectors for AI agents, RAG, vector databases, and embeddings.
- Each attack vector includes its own README, code, and sample input/output.
- Structured JSON catalog available for SOC/SIEM ingestion.
- Novel starred (⭐) attack concepts developed primarily within the AgentNull project.
- Supports local LLM testing via Ollama for cost-free demonstrations.
Use cases of 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts
- Red teaming autonomous agent architectures (MCP, LangGraph, AutoGPT).
- Assessing RAG pipeline and vector database security postures.
- Testing embedding-based retrieval systems against poisoning and skew attacks.
- Replicating known and novel attack patterns for security research and training.
FAQ from 🧠 AgentNull: AI System Security Threat Catalog + Proof-of-Concepts
What distinguishes the starred (⭐) attack vectors from others?
The starred vectors are novel concepts primarily developed within the AgentNull project, extending beyond existing documented attack patterns. Non-starred vectors link to known research or published vulnerabilities.
What dependencies are required to run the PoCs?
PoCs can run in simulation mode with no external dependencies, or with a local LLM via Ollama. Ollama requires at least ~4 GB RAM per model and runs on Linux/macOS via curl -fsSL https://ollama.ai/install.sh | sh.
Where do the attack vectors apply?
The catalog covers MCP & Agent Systems, Memory & Context Systems, RAG & Vector Systems, Code & File Systems, Resource & Performance attacks, multi-agent attacks, prompt injection advances, and more.
Is it safe to use this in production?
No. The repository is for educational and internal security research only. Do not deploy any techniques or code in production or against systems you do not own or have explicit authorization to test.
What transport or authentication does the catalog assume?
The catalog does not mandate a specific transport or authentication scheme; each PoC’s README describes the target system configuration used in the demonstration.
开发工具 分类下的更多 MCP 服务器
mcp-excalidraw
yctimlinMCP server and Claude Code skill for Excalidraw — programmatic canvas toolkit to create, edit, and export diagrams via AI agents with real-time canvas sync.
sentry-mcp
getsentryAn MCP server for interacting with Sentry via LLMs.
OpenSumi
opensumiA framework helps you quickly build AI Native IDE products. MCP Client, supports Model Context Protocol (MCP) tools via MCP server.
Serena
oraiosA powerful MCP toolkit for coding, providing semantic retrieval and editing capabilities - the IDE for your agent
Golf
golf-mcpProduction-Ready MCP Server Framework • Build, deploy & scale secure AI agent infrastructure • Includes Auth, Observability, Debugger, Telemetry & Runtime • Run real-world MCPs powering AI Agents
评论