Authorized AI prompt-injection and agent-boundary testing CLI
Project description
SentinelProbe
SentinelProbe is a CLI for authorized AI prompt-injection and agent-boundary testing. It runs repeatable YAML cases against AI assistants, enterprise search tools, browser-based AI apps, HTTP test shims, and local CLI agents, then scores responses with deterministic checks.
Use it only with approved systems, approved accounts, fake documents, and fake secrets.
Install
From source:
python3 -m pip install .
For isolated installs:
pipx install .
For browser automation:
python3 -m pip install '.[browser]'
python3 -m playwright install chromium
After PyPI publishing:
pipx install sentinelprobe
Quick Start
Check local setup:
sentinelprobe doctor
sentinelprobe doctor --target claude-code
sentinelprobe doctor --target browser
List bundled suites:
sentinelprobe list-suites
Run the local mock baseline:
sentinelprobe run --cases builtin --provider mock --verbose
Run Claude Code with response-only defaults:
sentinelprobe claude-code
Run file-based coding-agent prompt injection against Claude Code:
sentinelprobe claude-code --test agent-files --agent-files --verbose --only-findings --html-report
Limit cost during smoke tests:
sentinelprobe claude-code --test indirect --mutations --limit 5 --verbose --only-findings
Create HTML and trace artifacts:
sentinelprobe claude-code --test agent-files --agent-files --html-report --trace-file reports/agent_files_trace.txt
Compare two reports:
sentinelprobe compare --before reports/baseline.json --after reports/latest.json --html-report
Run source-tree regression checks during development:
python3 scripts/check.py
python3 scripts/check.py --build --wheel-smoke
Test Suites
direct-basic: basic direct prompt injection cases.direct-advanced: advanced direct prompt injection cases.direct: basic plus advanced direct prompt injection.indirect: inline retrieved-content prompt injection cases.agent-files: file-based coding-agent prompt injection cases.builtin: all bundled cases.
Use --mutations to expand suites that define deterministic variants.
Providers
mock: local safe baseline.http: approved API or internal test shim.command: local wrapper around a CLI agent.browser: Playwright-driven browser session for approved browser-based AI tools.
Reports
SentinelProbe writes JSON reports by default. Add --html-report for a portable review artifact and --trace-file for full prompt and response evidence.
Findings use:
pass: no deterministic issue found.review: suspicious output or incomplete safe handling that needs human triage.fail: deterministic unsafe behavior, including fake secret leakage.
Documentation
Detailed usage, provider setup, case format, scoring behavior, browser workflow, and PyPI notes are in docs/usage.md.
Safety Scope
- Use only approved systems and accounts.
- Use fake documents, fake secrets, and sandbox data.
- Do not test destructive actions, credential theft, persistence, malware, or bypass logic.
- Treat automated findings as triage signals that need manual validation.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sentinelprobe-0.9.0.tar.gz.
File metadata
- Download URL: sentinelprobe-0.9.0.tar.gz
- Upload date:
- Size: 44.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2336558bf3bd0dbb1b51320e7f0c9c229aa8ddad1454d5cb6d6a52779bec1ed1
|
|
| MD5 |
ab4466d9d6ebc555fe89a8e3d9929075
|
|
| BLAKE2b-256 |
3cdf71c207f2f6399b951de21d0d93015a2c3225833c5ee9ee57ba827f9ad13c
|
File details
Details for the file sentinelprobe-0.9.0-py3-none-any.whl.
File metadata
- Download URL: sentinelprobe-0.9.0-py3-none-any.whl
- Upload date:
- Size: 47.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
88c9101346f75ebdfe72b54ca86c721b6c2ba56e111253d602b25fcb128aad96
|
|
| MD5 |
345f4e09183aa2bacabbeb5c0b3c4c54
|
|
| BLAKE2b-256 |
45711578b2e21ae26c2d324d5622d8dff2d732397fdaa9c9d21350ec8a86ff68
|