AI-Infra-Guard by Tencent Zhuque Lab
Category: Offensive & Pentesting
A full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailbreak evaluation.
Features
- Scans AI infrastructure components for vulnerabilities (e.g., OpenClaw, Agent Scan)
- Evaluates prompt‑injection and jailbreak risks with dedicated security operators
- Provides WebSocket agent provider support for real‑time scanning
Recent releases
- Add git to Docker runtime dependencies
- Replace zip download with git clone in Data Sync, removing github_token dependency
- Support manual updates of jailbreak datasets, fingerprints, and vulnerability databases
Full changelog
[v4.1.6] - 2026-04-23
Added
- Docker: Add git to runtime dependencies in Dockerfile (69f7430)
- Vuln Rules: Add AIG vulnerability rules [2026-04-23] (#350)
- Vuln Rules: Detect exposed AI agent config files (claude_desktop_config.json, mcp.json, etc.) (#340)
- Vuln Rules: Add Trae IDE and CodeBuddy MCP config paths, extend .env key patterns
- Data Sync: Replace zip download with git clone, remove github_token dependency (#327)
- Manual Updates: Support manual updates to the latest jailbreak datasets, fingerprints, and vulnerability databases
- Update API: Merge update-status into update-data endpoint
Fixed
- Vuln Rules: Revert .env matcher to API key pattern matching
- Vuln Rules: Remove mcpServers field dependency, match on file format only
- Vuln Rules: Replace substring match with regex to reduce false positives
- Update API: Return status=1 when last sync failed
- Update API: Unify response format to {status, message, data}
- Update API: Remove request params, always sync main branch
- Data Sync: Harden update_api against CodeQL path-injection and command-injection alerts
- Vuln Rules: Update GHSA-8fmp-37rc-p5g7.yaml and OpenClaw versioning rule
Contributors
Special thanks to @feiyang666, @zhuque, @boyhack, @aigsec, @aig-doc-bot
- MCP Scan: multi‑turn red team attack module with TAP and Crescendo strategies
- System API: data auto‑sync endpoints (`POST /api/v1/system/update-data`, `GET /api/v1/system/update-status`)
- Agent Scan API: inline `agent_config` support, optional verify flag
Full changelog
[v4.1.4] - 2026-04-17
Security
- TLS: Support HTTPS connections with self-signed/private CA certificates for model endpoints; add InsecureSkipVerify option (#306, closes #302)
Added
- MCP Scan: Add multi-turn red team attack module with TAP and Crescendo strategies (#299)
- System API: Add data auto-sync API (`POST /api/v1/system/update-data`, `GET /api/v1/system/update-status`) for syncing the `data/` directory (#301)
- Agent Scan API: Support inline `agent_config` in agent scan API, make verify optional on save (#322)
- CLI: Support `--agent-config-file` for inline YAML agent scan config (aig-scanner v1.0.3)
- Security Policy: Add SECURITY.md with trust model and vulnerability disclosure policy
Fixed
- Vulnerability Rules: Fill empty rule fields and add new CVE rules
- API: Fix mcp_scan content field and add agent_scan API documentation
- Docs: Fix HTML block bold rendering in multilingual READMEs
- Architecture: Fix runtime path resolution for local deployments
Changed
- Codebase: Convert all Chinese comments and messages to English in api.go and knowledge2_api.go
- Docs: Expand Related Papers to 17 entries with 5 new 2026 papers; sync across all multilingual READMEs
- Docs: Add architecture evolution document covering v0.1/v2.6/v3.6.0 (#294)
- Vulnerability Stats: Update component vulnerability counts, add crewai/kubeai/lobehub entries (#291)
Contributors
Special thanks to @boyhack, @zhuque, @ac0d3r, @feiyang666, @rocie799, @aig-doc-bot