Skip to main content

Authorized AI prompt-injection and agent-boundary testing CLI

Project description

SentinelProbe

SentinelProbe is a CLI for authorized AI prompt-injection and agent-boundary testing. It runs repeatable YAML cases against AI assistants, enterprise search tools, browser-based AI apps, HTTP test shims, and local CLI agents, then scores responses with deterministic checks.

Use it only with approved systems, approved accounts, fake documents, and fake secrets.

Install

From source:

python3 -m pip install .

For isolated installs:

pipx install .

For browser automation:

python3 -m pip install '.[browser]'
python3 -m playwright install chromium

After PyPI publishing:

pipx install sentinelprobe

Quick Start

Check local setup:

sentinelprobe doctor
sentinelprobe doctor --target claude-code
sentinelprobe doctor --target browser

List bundled suites:

sentinelprobe list-suites

Run the local mock baseline:

sentinelprobe run --cases builtin --provider mock --verbose

Run Claude Code with response-only defaults:

sentinelprobe claude-code

Run file-based coding-agent prompt injection against Claude Code:

sentinelprobe claude-code --test agent-files --agent-files --verbose --only-findings --html-report

Limit cost during smoke tests:

sentinelprobe claude-code --test indirect --mutations --limit 5 --verbose --only-findings

Create HTML and trace artifacts:

sentinelprobe claude-code --test agent-files --agent-files --html-report --trace-file reports/agent_files_trace.txt

Compare two reports:

sentinelprobe compare --before reports/baseline.json --after reports/latest.json --html-report

Run source-tree regression checks during development:

python3 scripts/check.py
python3 scripts/check.py --build --wheel-smoke

Test Suites

  • direct-basic: basic direct prompt injection cases.
  • direct-advanced: advanced direct prompt injection cases.
  • direct: basic plus advanced direct prompt injection.
  • indirect: inline retrieved-content prompt injection cases.
  • agent-files: file-based coding-agent prompt injection cases.
  • builtin: all bundled cases.

Use --mutations to expand suites that define deterministic variants.

Providers

  • mock: local safe baseline.
  • http: approved API or internal test shim.
  • command: local wrapper around a CLI agent.
  • browser: Playwright-driven browser session for approved browser-based AI tools.

Reports

SentinelProbe writes JSON reports by default. Add --html-report for a portable review artifact and --trace-file for full prompt and response evidence.

Findings use:

  • pass: no deterministic issue found.
  • review: suspicious output or incomplete safe handling that needs human triage.
  • fail: deterministic unsafe behavior, including fake secret leakage.

Documentation

Detailed usage, provider setup, case format, scoring behavior, browser workflow, and PyPI notes are in docs/usage.md.

Safety Scope

  • Use only approved systems and accounts.
  • Use fake documents, fake secrets, and sandbox data.
  • Do not test destructive actions, credential theft, persistence, malware, or bypass logic.
  • Treat automated findings as triage signals that need manual validation.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sentinelprobe-0.9.0.tar.gz (44.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sentinelprobe-0.9.0-py3-none-any.whl (47.9 kB view details)

Uploaded Python 3

File details

Details for the file sentinelprobe-0.9.0.tar.gz.

File metadata

  • Download URL: sentinelprobe-0.9.0.tar.gz
  • Upload date:
  • Size: 44.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.12

File hashes

Hashes for sentinelprobe-0.9.0.tar.gz
Algorithm Hash digest
SHA256 2336558bf3bd0dbb1b51320e7f0c9c229aa8ddad1454d5cb6d6a52779bec1ed1
MD5 ab4466d9d6ebc555fe89a8e3d9929075
BLAKE2b-256 3cdf71c207f2f6399b951de21d0d93015a2c3225833c5ee9ee57ba827f9ad13c

See more details on using hashes here.

File details

Details for the file sentinelprobe-0.9.0-py3-none-any.whl.

File metadata

  • Download URL: sentinelprobe-0.9.0-py3-none-any.whl
  • Upload date:
  • Size: 47.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.12

File hashes

Hashes for sentinelprobe-0.9.0-py3-none-any.whl
Algorithm Hash digest
SHA256 88c9101346f75ebdfe72b54ca86c721b6c2ba56e111253d602b25fcb128aad96
MD5 345f4e09183aa2bacabbeb5c0b3c4c54
BLAKE2b-256 45711578b2e21ae26c2d324d5622d8dff2d732397fdaa9c9d21350ec8a86ff68

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page