OWASP Foundation web repository
-
Updated
Jul 17, 2026 - Python
OWASP Foundation web repository
Memory defense for AI agents — stops MINJA, AgentPoison, and MemoryGraft attacks. Zero dependencies.
AI Security SDK for Agents, LLMs & SLMs
AI Agent Security — Attack payloads, defense references, and research. 52 tests, ~10K lines. A learning-oriented shooting range, not a product.
Agentic AI Request Forgery (AARF) – New vulnerability class exploiting planner ➝ memory ➝ plugin chaining in MCP Server, MAS, LangChain, and A2A agents. Red Team playbooks, threat models, OWASP Top 10 proposal.
Ratine — Agent memory poisoning detector. Scans AI agent persistent memory for injected instructions, hidden payloads, credential leakage, and belief drift. OWASP ASI06. Zero dependencies.
Integrated memory-poisoning defense for persistent LLM agents (provenance + lineage + trajectory detection). AGPL-3.0.
Stop memory poisoning attacks on your AI agents
Durable, private, time-aware memory engine for long-running AI agents
Protect AI agent memory from poisoning attacks with a zero-dependency shield that fits Mem0, LangChain, or custom memory systems.
An open trust layer for AI-agent memory and identity: tamper-evident memory, cryptographic agent identity (SoulKeys), capability-scoped governance, and OWASP-ASI06 memory-poisoning detection. Apache-2.0.
This repository documents AI Recommendation Poisoning — a real-world attack technique discovered by Microsoft's Defender Security Research Team (February 2026) where adversaries silently inject persistent instructions into AI assistant memory through carefully crafted URLs.
Antivirus for AI agent memory - scanner + MCP firewall for memory poisoning (OWASP ASI06)
Does poisoned long-term memory make frontier LLMs misbehave? A rigorous AI-safety eval across 7 risks × 4 models (Claude Opus 4.8 & Sonnet 4.6, GPT-5.5, Gemini 3.5) with prompt-level and dose-response analysis.
AeroMind: Poisoning the Control Plane of LLM-Driven UAV Agents (RAID 2026)
Interactive demo showing agent memory poisoning attacks and a trust-partitioned defense using provenance-aware memory.
Persistence bound scorer for memory poisoning in LLM agent architectures
Design-stage: tests whether bond-and-slash can govern knowledge integrity when a saboteur agent poisons shared data.
Memory as a Control Plane: Poisoning Attacks on LLM Multi-Agent UAV Systems - IEEE Conference Paper
A drop-in write gate for agent memory. Wrap your Mem0 client; block memory poisoning at the write path.
Add a description, image, and links to the memory-poisoning topic page so that developers can more easily learn about it.
To associate your repository with the memory-poisoning topic, visit your repo's landing page and select "manage topics."