zerocodefast/awesome-ai-security
Awesome AI Security

A curated list of open-source tools, frameworks, and resources for securing AI agents and coding assistants.

Contents

Static Analysis & Scanners

Tools that scan AI agent plugins, skills, and configurations for vulnerabilities before deployment.

  • HOL Guard — Open-source security scanner for AI coding agents. 130-point scoring across 7 categories. Supports Claude Code, Codex, Cursor, Gemini. PyPI
  • OpenSSF Scorecard — Security health checks for open source projects. Not AI-specific but critical for any dependency.
  • Bandit — Python security linter. Catches common issues in AI agent Python code.
  • Semgrep — Lightweight static analysis. Good for custom security rules on agent code.

Runtime Protection

Tools that intercept and protect AI agents during execution.

  • HOL Guard Agent Shield — Runtime protection with 4 levels: Gentle, Balanced, Strict, Paranoid. Intercepts malicious operations in real time.
  • Cisco AI Defense — Enterprise AI security platform. Integrates with HOL Guard for deep scanning.
  • Guardrails AI — Input/output validation for LLM applications. Not agent-specific but useful.

MCP & Plugin Security

Security around Model Context Protocol servers and plugins.

  • HOL Plugin Scanner — CLI tool for scoring MCP plugins and Codex skills. 7-category analysis including manifest validation, secrets detection, and code quality.
  • HOL Guard CI Action — GitHub Action that runs the scanner on every PR. Fails on score < 80 or high/critical findings.
  • Awesome Codex Plugins — Curated list of Codex plugins. HOL Guard scanning is now mandatory for inclusion.
  • MCP Inspector — Official tool for testing MCP servers. Useful for understanding what an MCP server can do before installing it.

Supply Chain

  • SLSA — Supply-chain Levels for Software Artifacts. Framework for provenance and integrity.
  • Sigstore — Signing, verification, and provenance for open source software.
  • Dependabot — GitHub-native dependency updates. Enable it on every AI agent plugin repo.

Prompt Injection Defense

  • Rebuff — Prompt injection detection. Open-source but maintenance status unclear.
  • LLM Guard — Input/output scanners for LLM applications. Anonymization, toxicity, and injection detection.
  • Purple Llama — Meta's suite for AI safety including prompt injection benchmarks.

Resources

Contributing

Know a tool that should be here? Open a PR. All listed tools must be open source and actively maintained.

License

This list is CC0.