AntiClaude

<p align="center"> <h1 align="center">AntiClaude</h1> <p align="center"> <strong>Open-source red-teaming toolkit for AI agents</strong> </p> <p align="center"> Detect prompt injection, system prompt leakage, permission abuse, and other <a href="https://owasp.org/www-project-agentic-ai-threats/">OWASP Agentic Top 10</a> vulnerabilities — from your terminal or CI pipeline. </p> <p align="center"> <a href="https://github.com/TacticSpaceTech/AntiClaude/actions/workflows/ci.yml"></a> <a href="https://www.npmjs.com/package/anticlaude"></a> <a href="https://www.npmjs.com/package/@anticlaude/engine"></a> <a href="LICENSE"></a> </p> </p>

---

• npm-native — npx anticlaude scan works instantly, no Python or Docker needed
• 64 attack payloads — covering 7 of 10 OWASP Agentic Top 10 categories
• Adaptive strategies — 8 attack mutation strategies (encoding, roleplay, multilingual, nested, semantic, and more)
• LLM Judge — optional semantic detection via OpenAI or Anthropic APIs for higher accuracy
• MCP Scanner — auto-discover and audit MCP server configs for credential leaks, command injection, and supply chain risks
• CI-ready — GitHub Action with PR commenting, fail thresholds, and machine-readable output

npx anticlaude scan --endpoint https://your-agent.com/api/chat

<details> <summary>All CLI options</summary>

--auth <header>          Authorization header (e.g. "Bearer sk-...")
--count <n>              Number of payloads to test (default: 12)
--variants <n>           Max variant attempts per payload (default: 2)
--timeout <ms>