Offensive security platform for agentic AI infrastructure

Project description

Requires Python 3.11+. License: Apache 2.0. Badges: CI, pre-commit, CodeRabbit Pull Request Reviews, Docs.

Unified offensive security platform for agentic AI infrastructure.

Seven research modules in one package: audit MCP servers, intercept agent traffic, test tool poisoning and prompt injection, execute multi-step attack chains, generate IPI payloads, poison coding assistant context files, and measure RAG retrieval rank. A local web UI orchestrates multi-module workflows. All findings write to a shared SQLite database.

Research program by Richard Spicer · {q-AI}


Install

pip install q-uestionable-ai

Or from source:

git clone https://github.com/q-uestionable-AI/qai.git
cd qai
uv sync --group dev

RXP requires optional dependencies:

pip install "q-uestionable-ai[rxp]"

Usage

# Start the web UI (opens browser)
qai

# Audit — scan an MCP server against the OWASP MCP Top 10
qai audit scan --transport stdio --command "npx @modelcontextprotocol/server-everything"

# Proxy — intercept MCP traffic
qai proxy start --transport stdio --target-command "python my_server.py"

# Inject — run a tool poisoning campaign against any LLM provider
qai inject campaign --model anthropic/claude-sonnet-4-20250514
qai inject campaign --model openai/gpt-4o
qai inject campaign --model ollama/llama3

# Chain — execute multi-step attack chains
qai chain list-templates
qai chain run --chain-file chain.yaml --dry-run

# IPI — generate indirect prompt injection payloads
qai ipi generate --callback-url http://localhost:8080 --format pdf --output ./payloads/

# CXP — build poisoned coding assistant context repos
qai cxp build --format cursorrules --output ./test-repos/

# RXP — measure RAG retrieval rank of adversarial documents
qai rxp validate --profile rag-security --model minilm-l6

Full documentation at docs.q-uestionable.ai.


Legal

All tools are intended for authorized security testing only. Only test systems you own, control, or have explicit permission to test. Practice responsible disclosure for all vulnerabilities discovered.

License

Apache 2.0

AI Disclosure

This project uses a human-led, AI-augmented workflow. See AI-STATEMENT.md.

Download files

Source Distribution

q_uestionable_ai-0.2.0.tar.gz (519.5 kB)

Built Distribution

q_uestionable_ai-0.2.0-py3-none-any.whl (420.7 kB, Python 3)

File details

Details for the file q_uestionable_ai-0.2.0.tar.gz.

File metadata

  • Download URL: q_uestionable_ai-0.2.0.tar.gz
  • Size: 519.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for q_uestionable_ai-0.2.0.tar.gz

  Algorithm    Hash digest
  SHA256       f995cf4c1e1869b20e0810889db3d4dbdff475863600e42a31373da6c5207c8d
  MD5          60154e68f93488b0c80aa5d9b7f1105e
  BLAKE2b-256  35f4077858116c967963cfd64b214186b64246c3c5ca6331ae9e2ecfc066b5d6
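A supply-chain check a practitioner would run against the table above, as an added example rather than anything shipped with qai: it recomputes the three digests PyPI publishes for the downloaded sdist, compares them with the values on this page, and emits a hash-pinned requirement line so pip enforces the same check at install time. The download path and the sample bytes are assumptions.

```python
"""Verify a downloaded PyPI artifact against its published digests.

Added example, not part of the qai project. Digests come from this page's
"File hashes" table for the sdist; the download path is an assumption.
"""
import hashlib
import hmac
from pathlib import Path

# Published digests for q_uestionable_ai-0.2.0.tar.gz (copied from this page).
SDIST_DIGESTS = {
    "sha256": "f995cf4c1e1869b20e0810889db3d4dbdff475863600e42a31373da6c5207c8d",
    "md5": "60154e68f93488b0c80aa5d9b7f1105e",
    "blake2b-256": "35f4077858116c967963cfd64b214186b64246c3c5ca6331ae9e2ecfc066b5d6",
}


def compute_digests(data: bytes) -> dict[str, str]:
    """The three digests PyPI publishes. "BLAKE2b-256" is BLAKE2b with a
    32-byte output, not hashlib's default 64-byte one."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "md5": hashlib.md5(data).hexdigest(),
        "blake2b-256": hashlib.blake2b(data, digest_size=32).hexdigest(),
    }


def verify(data: bytes, expected: dict[str, str]) -> dict[str, bool]:
    """Per-algorithm match result. Any False means these bytes are not the
    artifact whose hashes were published, whatever the filename says."""
    actual = compute_digests(data)
    return {
        alg: hmac.compare_digest(actual.get(alg, ""), digest.lower())
        for alg, digest in expected.items()
    }


def pip_requirement(name: str, version: str, sha256: str) -> str:
    """Line for `pip install --require-hashes -r requirements.txt`, so pip
    itself refuses any artifact whose SHA256 differs from the published one."""
    return f"{name}=={version} --hash=sha256:{sha256}"


def verify_file(path: str, expected: dict[str, str] = SDIST_DIGESTS) -> bool:
    """True only if every published digest matches the file on disk."""
    return all(verify(Path(path).read_bytes(), expected).values())


if __name__ == "__main__":
    # Assumed download location; adjust to wherever you saved the sdist.
    print(verify_file("q_uestionable_ai-0.2.0.tar.gz"))
    print(pip_requirement("q-uestionable-ai", "0.2.0", SDIST_DIGESTS["sha256"]))
```

Pair the hash check with the attestation bundle listed under Provenance below; the digest proves the bytes match what was published, the attestation proves who published them.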

Provenance

The following attestation bundles were made for q_uestionable_ai-0.2.0.tar.gz:

Publisher: release.yml on q-uestionable-AI/qai

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file q_uestionable_ai-0.2.0-py3-none-any.whl.

File hashes

Hashes for q_uestionable_ai-0.2.0-py3-none-any.whl

  Algorithm    Hash digest
  SHA256       837416be62ab6a34b82adb8276c48a0ae11c80a7953c0d82f6a0e2e1dbe24eb4
  MD5          ac5bc212732483c13b677d7be1f46d2a
  BLAKE2b-256  0f1ff11f3ed1c914daba5d65793bf676536910b7d147e552da6555cc1b013a7e

Provenance

The following attestation bundles were made for q_uestionable_ai-0.2.0-py3-none-any.whl:

Publisher: release.yml on q-uestionable-AI/qai

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
