HackAgent is an open-source security toolkit to detect vulnerabilities of your AI Agents.
Project description
What is HackAgent?
HackAgent is a comprehensive Python SDK and CLI designed to help security researchers, developers, and AI safety practitioners evaluate and strengthen the security of AI agents.
As AI agents become more powerful and autonomous, they face security challenges that traditional testing tools cannot address:
| Threat | Description |
|---|---|
| Prompt Injection | Malicious inputs that hijack agent behavior |
| Jailbreaking | Bypassing safety guardrails and content filters |
| Goal Hijacking | Manipulating agents to pursue unintended objectives |
| Tool Misuse | Exploiting agent capabilities for unauthorized actions |
HackAgent automates testing for these vulnerabilities using research-backed attack techniques, helping you identify and fix security issues before they are exploited.
Interactive TUI with real-time attack progress and visual reporting.
Get Started Now
Quick Install
python3 -m venv .venv
source .venv/bin/activate
pip install hackagent
No API key required: HackAgent works locally out of the box.
Questions? Join community discussions or email ais@ai4i.it.
Architecture
HackAgent uses a modular pipeline to test agent robustness end-to-end.
| Component | Description |
|---|---|
| Attack Engine | Orchestrates attacks using AdvPrefix, AutoDAN-Turbo, PAIR, TAP, FlipAttack, BoN, h4rm3l, CipherChat, PAP, and Baseline |
| Generator | LLM role that creates adversarial prompts to test the target agent |
| Judge | LLM role that evaluates whether attacks bypass safety measures |
| Target Agent | Your AI agent under test across supported frameworks |
| Datasets | Pre-built benchmark presets plus custom HuggingFace/file datasets |
Supported Frameworks
Reporting
HackAgent supports both local and remote reporting.
- Local mode stores test results in SQLite and includes a built-in dashboard.
- Cloud mode syncs runs to the HackAgent remote platform when an API key is configured.
hackagent web
Access cloud reporting at https://app.hackagent.dev.
Responsible Use
HackAgent is designed for authorized security testing only. Always obtain explicit permission before testing any AI system.
Do
- Test your own agents
- Conduct authorized pentesting
- Follow coordinated disclosure
- Share security knowledge responsibly
Don't
- Test systems without permission
- Exploit vulnerabilities maliciously
- Violate terms of service
- Share harmful exploit instructions irresponsibly
Read the full guidelines: Responsible Disclosure
Contributing
Contributions are welcome. See CONTRIBUTING.md and CODE_OF_CONDUCT.md.
License
Licensed under Apache-2.0. See LICENSE.
Disclaimer
HackAgent is intended for security research and AI safety improvement. The authors are not responsible for misuse.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hackagent-0.10.0.tar.gz.
File metadata
- Download URL: hackagent-0.10.0.tar.gz
- Upload date:
- Size: 651.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.16 {"installer":{"name":"uv","version":"0.11.16","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8a0a08f11c1d55c41e2c6988cdc8f5ad2d7c6e43ad57bc6800d05a65c3ddbfc7
|
|
| MD5 |
860b1f0b78b8042ab3095cece787ae66
|
|
| BLAKE2b-256 |
9d31b1ebd1d3f51c251f7bcdacff20b53f9b36b429d605f2d414cdc12910285c
|
File details
Details for the file hackagent-0.10.0-py3-none-any.whl.
File metadata
- Download URL: hackagent-0.10.0-py3-none-any.whl
- Upload date:
- Size: 853.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.16 {"installer":{"name":"uv","version":"0.11.16","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
946caba46f75d37abb073c1c6f0c70380c5e42e65a6be3b2e0d394bf785aa64d
|
|
| MD5 |
aaf1e10dab42c31c47287c04abfed5ed
|
|
| BLAKE2b-256 |
fb25a797257910695aa8dbd8a03bb3e76c3c50ee5ac4b69c6c2793a4ae2ec8c0
|
