Skip to main content

Authorized AI prompt-injection and agent-boundary testing CLI

Project description

SentinelProbe

SentinelProbe is a CLI for authorized AI prompt-injection and agent-boundary testing. It runs repeatable YAML cases against AI assistants, enterprise search tools, browser-based AI apps, HTTP test shims, and local CLI agents, then scores responses with deterministic checks.

Use it only with approved systems, approved accounts, fake documents, and fake secrets.

Install

From source:

python3 -m pip install .

For isolated installs:

pipx install .

For browser automation:

python3 -m pip install '.[browser]'
python3 -m playwright install chromium

After PyPI publishing:

pipx install sentinelprobe

Quick Start

Check local setup:

sentinelprobe doctor
sentinelprobe doctor --target claude-code
sentinelprobe doctor --target browser

List bundled suites:

sentinelprobe list-suites

Run the local mock baseline:

sentinelprobe run --cases builtin --provider mock --verbose

Run Claude Code with response-only defaults:

sentinelprobe claude-code

Run file-based coding-agent prompt injection against Claude Code:

sentinelprobe claude-code --test agent-files --agent-files --verbose --only-findings --html-report

Limit cost during smoke tests:

sentinelprobe claude-code --test indirect --mutations --limit 5 --verbose --only-findings

Create HTML and trace artifacts:

sentinelprobe claude-code --test agent-files --agent-files --html-report --trace-file reports/agent_files_trace.txt

Compare two reports:

sentinelprobe compare --before reports/baseline.json --after reports/latest.json --html-report

Run source-tree regression checks during development:

python3 scripts/check.py
python3 scripts/check.py --build --wheel-smoke

Test Suites

  • direct-basic: basic direct prompt injection cases.
  • direct-advanced: advanced direct prompt injection cases.
  • direct: basic plus advanced direct prompt injection.
  • indirect: inline retrieved-content prompt injection cases.
  • agent-files: file-based coding-agent prompt injection cases.
  • builtin: all bundled cases.

Use --mutations to expand suites that define deterministic variants.

Providers

  • mock: local safe baseline.
  • http: approved API or internal test shim.
  • command: local wrapper around a CLI agent.
  • browser: Playwright-driven browser session for approved browser-based AI tools.

Reports

SentinelProbe writes JSON reports by default. Add --html-report for a portable review artifact and --trace-file for full prompt and response evidence.

Findings use:

  • pass: no deterministic issue found.
  • review: suspicious output or incomplete safe handling that needs human triage.
  • fail: deterministic unsafe behavior, including fake secret leakage.

Documentation

Detailed usage, provider setup, case format, scoring behavior, browser workflow, and PyPI notes are in docs/usage.md.

Safety Scope

  • Use only approved systems and accounts.
  • Use fake documents, fake secrets, and sandbox data.
  • Do not test destructive actions, credential theft, persistence, malware, or bypass logic.
  • Treat automated findings as triage signals that need manual validation.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sentinelprobe-0.9.1.tar.gz (46.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sentinelprobe-0.9.1-py3-none-any.whl (47.9 kB view details)

Uploaded Python 3

File details

Details for the file sentinelprobe-0.9.1.tar.gz.

File metadata

  • Download URL: sentinelprobe-0.9.1.tar.gz
  • Upload date:
  • Size: 46.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.12

File hashes

Hashes for sentinelprobe-0.9.1.tar.gz
Algorithm Hash digest
SHA256 6d14ca9892f1e408300082a07bfe984e3b1358d6cd9903498bdb75960611f1d4
MD5 95ed3389cbed51672ceb31eb678629a2
BLAKE2b-256 e22666bc6f3e2efe7bb50cc05d96a4203d23b2216d98d906cb881a584c3db484

See more details on using hashes here.

File details

Details for the file sentinelprobe-0.9.1-py3-none-any.whl.

File metadata

  • Download URL: sentinelprobe-0.9.1-py3-none-any.whl
  • Upload date:
  • Size: 47.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.12

File hashes

Hashes for sentinelprobe-0.9.1-py3-none-any.whl
Algorithm Hash digest
SHA256 9c51d84e749a9b8fd1b5f0200d945795541da1acf0dc8f019d2d7e3485c6f4f4
MD5 22b02cfdd23237ebf30cfc934dff0bc4
BLAKE2b-256 bba5431dab3cb1dae2f0ea4d84038f1483904e86c5d75123da563736d894b736

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page