AI-Infra-Guard: a comprehensive AI red teaming platform for vulnerability scanning and LLM safety assessment
What it solves
AI-Infra-Guard (A.I.G) is a red teaming platform designed to help enterprises and individuals identify security risks in their AI infrastructure. It addresses the need for automated security self-examination across AI frameworks, agent workflows, and large language models (LLMs).
How it works
The platform provides a suite of specialized scanners and evaluation tools:
- AI Infrastructure Scan: Fingerprints live AI services (like vLLM, Ollama, or ComfyUI) and matches them against a database of over 1,600 known CVE vulnerabilities.
- Agent Scan: An automated multi-agent framework that evaluates the security of AI agent workflows on platforms like Dify and Coze.
- MCP & Skill Scan: Analyzes source code or remote URLs of Model Context Protocol (MCP) servers and agent skills to detect 14 categories of security risks.
- Jailbreak Evaluation: Tests the robustness of LLMs by applying curated attack datasets and various attack methods to check for prompt security risks.
- ClawScan: Specifically evaluates security risks for OpenClaw, including insecure configurations and privacy leaks.
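To make the first scanner's idea concrete, here is an added example (not code from the AI-Infra-Guard project) of how a fingerprint-then-match scan works: a service's captured HTTP response is matched against fingerprint rules to identify the product and its version, and the version is then compared with the affected ranges in a CVE rule set. The rule field names, the placeholder CVE identifiers and affected ranges, and the sample responses are all constructed for this example; the real tool loads its own YAML rule schema and its own 1,600+ CVE rules.

```python
import re

# Constructed fingerprint rules. The real tool loads these from YAML files;
# the keys "product", "match" and "version" are an assumption for this example.
FINGERPRINT_RULES = [
    {"product": "vllm",
     "match": r"uvicorn|vLLM|\"owned_by\":\s*\"vllm\"",
     "version": r"\"version\":\s*\"(\d+(?:\.\d+)*)\""},
    {"product": "ollama",
     "match": r"Ollama is running",
     "version": r"\bollama/(\d+(?:\.\d+)*)"},
]

# Constructed CVE rules with placeholder identifiers; not real advisories.
CVE_RULES = [
    {"product": "vllm", "id": "CVE-PLACEHOLDER-0001", "affected": "<0.6.0", "severity": "high"},
    {"product": "vllm", "id": "CVE-PLACEHOLDER-0002", "affected": ">=0.4.0,<0.5.5", "severity": "critical"},
    {"product": "ollama", "id": "CVE-PLACEHOLDER-0003", "affected": "<0.1.34", "severity": "high"},
]


def parse_version(text):
    """Turn '0.5.3' into (0, 5, 3) so versions compare numerically, not lexically."""
    return tuple(int(p) for p in text.split("."))


def _pad(a, b):
    """Right-pad the shorter tuple with zeros so '1.0' and '1.0.0' compare equal."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))


_OPS = {
    "<=": lambda a, b: a <= b,
    ">=": lambda a, b: a >= b,
    "==": lambda a, b: a == b,
    "<": lambda a, b: a < b,
    ">": lambda a, b: a > b,
}


def version_in_range(version, constraint):
    """True when `version` satisfies every comma-separated clause, e.g. '>=0.4.0,<0.5.5'."""
    v = parse_version(version)
    for clause in constraint.split(","):
        clause = clause.strip()
        # Two-character operators must be tried before their one-character prefixes.
        for op in ("<=", ">=", "==", "<", ">"):
            if clause.startswith(op):
                a, b = _pad(v, parse_version(clause[len(op):].strip()))
                if not _OPS[op](a, b):
                    return False
                break
        else:
            raise ValueError(f"bad constraint clause: {clause!r}")
    return True


def fingerprint(response_text):
    """Identify product and version from a captured response (headers plus body)."""
    for rule in FINGERPRINT_RULES:
        if re.search(rule["match"], response_text):
            m = re.search(rule["version"], response_text)
            return rule["product"], (m.group(1) if m else None)
    return None, None


def scan(response_text):
    """Fingerprint one service and list the CVE rules whose affected range covers its version."""
    product, version = fingerprint(response_text)
    findings = []
    if product is not None and version is not None:
        for rule in CVE_RULES:
            if rule["product"] == product and version_in_range(version, rule["affected"]):
                findings.append({"id": rule["id"], "severity": rule["severity"]})
    return {"product": product, "version": version, "findings": findings}


# Constructed responses standing in for what a scanner would capture from live services.
SAMPLE_RESPONSES = {
    "vllm-old": 'HTTP/1.1 200 OK\r\nserver: uvicorn\r\n\r\n'
                '{"object":"list","data":[{"id":"m","owned_by":"vllm"}]}\n{"version": "0.5.3"}',
    "ollama-patched": 'HTTP/1.1 200 OK\r\nserver: ollama/0.3.6\r\n\r\nOllama is running',
    "unknown": 'HTTP/1.1 200 OK\r\n\r\n<html>nginx welcome</html>',
}

if __name__ == "__main__":
    for host, text in SAMPLE_RESPONSES.items():
        print(host, scan(text))
```

The two things worth noting for anyone writing their own rules are that versions must be compared numerically (string comparison would rank "0.10.0" below "0.9.0") and that a fingerprint without an extractable version should produce an "identified, version unknown" result rather than a list of matches, since the affected range cannot be evaluated.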
Who it’s for
It is intended for security researchers, AI developers, and enterprises deploying AI infrastructure who need to perform internal security audits and red teaming exercises.
Highlights
- Comprehensive Coverage: Supports over 100 AI framework components and 1,600+ CVE rules.
- Extensible Plugin Framework: Allows users to add their own fingerprint rules, vulnerability rules, and jailbreak datasets via YAML files.
- Integrated Web UI: Provides a user-friendly interface for one-click scanning and real-time progress tracking.
- Agent-Ready: Offers plug-and-play skills for ClawHub to embed security scanning directly into AI agent workflows.
Sources
- Tencent/AI-Infra-Guard