https://github.com/inkog-io/inkog
The pre-flight check for AI agents
https://github.com/inkog-io/inkog
agent-testing ai-security cli devsecops golang llm-security owasp owasp-llm-top-10 sast security-tools static-analysis
Last synced: 3 months ago
JSON representation
The pre-flight check for AI agents
- Host: GitHub
- URL: https://github.com/inkog-io/inkog
- Owner: inkog-io
- License: apache-2.0
- Created: 2025-10-26T10:15:55.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2026-03-21T12:20:13.000Z (4 months ago)
- Last Synced: 2026-03-22T03:15:45.118Z (4 months ago)
- Topics: agent-testing, ai-security, cli, devsecops, golang, llm-security, owasp, owasp-llm-top-10, sast, security-tools, static-analysis
- Language: Go
- Homepage: https://inkog.io
- Size: 1.09 MB
- Stars: 33
- Watchers: 2
- Forks: 6
- Open Issues: 9
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
- awesome-production-agentic-systems - Inkog - io/inkog.svg?cacheSeconds=86400) - Open-source AI agent security scanner. Detects prompt injection, infinite loops, token bombing, SQL injection via LLM, and missing human oversight across 20+ frameworks. CLI + MCP server with compliance mapping to EU AI Act, NIST AI RMF, and OWASP LLM Top 10. (Agent Security)
README
The security co-pilot for AI agent development.
Build secure AI agents from the start. Scan for logic bugs, prompt injection, missing guardrails, and compliance gaps — before they reach production.
English ·
简体中文 ·
日本語 ·
한국어 ·
Español ·
Português ·
Deutsch ·
Français
---
AI agents can loop forever, drain your API budget in minutes, execute arbitrary code from user input, or make high-stakes decisions with zero human oversight. Most of these flaws pass code review because they look like normal code — the danger is in the runtime behavior.
Inkog scans your agent code statically and catches these problems before deployment. One command, works across 20+ frameworks, maps findings to EU AI Act and OWASP LLM Top 10.
## When to Use Inkog
- **Building an AI agent** — Scan during development to catch infinite loops, prompt injection, and missing guardrails before they ship
- **Adding security to CI/CD** — Add `inkog-io/inkog@v1` to GitHub Actions for automated security gates on every PR
- **Preparing for EU AI Act** — Generate compliance reports mapping your agent to Article 14, NIST AI RMF, OWASP LLM Top 10
- **Reviewing agent code** — Use from Claude Code, Cursor, or any MCP client to get security analysis while you code
- **Auditing MCP servers** — Check any MCP server for tool poisoning, privilege escalation, or data exfiltration before installing
- **Verifying AGENTS.md** — Validate that governance declarations match actual code behavior
- **Scanning Skill packages** — Audit SKILL.md packages for tool poisoning, command injection, and excessive permissions before adding to your agent
- **Generating an MLBOM** — Create a Machine Learning Bill of Materials documenting your agent's components, tools, and data flows
- **Building multi-agent systems** — Detect delegation loops, privilege escalation, and unauthorized handoffs between agents (A2A audit)
## Quick Start
No install needed:
```bash
npx -y @inkog-io/cli scan .
```
Or install permanently:
| Method | Command |
|--------|---------|
| **Install script** | `curl -fsSL https://inkog.io/install.sh \| sh` |
| **Homebrew** | `brew tap inkog-io/inkog && brew install inkog` |
| **Go** | `go install github.com/inkog-io/inkog/cmd/inkog@latest` |
| **Binary** | [Download from Releases](https://github.com/inkog-io/inkog/releases) |
```bash
# Get your free API key at https://app.inkog.io
export INKOG_API_KEY=sk_live_...
inkog .
```
## What It Catches
| Category | Examples | Why it matters |
|----------|----------|----------------|
| **Infinite loops** | Agent re-calls itself with no exit condition, LLM output fed back as input without a cap | Your agent runs forever and racks up API costs |
| **Prompt injection** | User input flows into system prompt unsanitized, tainted data reaches tool calls | Attackers can hijack your agent's behavior |
| **Missing guardrails** | No human-in-the-loop for destructive actions, no rate limits on LLM calls, unconstrained tool access | One bad decision and your agent goes rogue |
| **Hardcoded secrets** | API keys, tokens, and passwords in source code (detected locally, never uploaded) | Credentials leak when you push to GitHub |
| **Compliance gaps** | Missing human oversight (EU AI Act Article 14), no audit logging, missing authorization checks | You're legally required to have these controls by August 2026 |
[Full detection catalog →](https://docs.inkog.io/vulnerabilities)
## Supported Frameworks
**Code-first:** LangChain · LangGraph · CrewAI · AutoGen · AG2 · OpenAI Agents · Semantic Kernel · Azure AI Foundry · LlamaIndex · Haystack · DSPy · Phidata · Smolagents · PydanticAI · Google ADK
**No-code:** n8n · Flowise · Langflow · Dify · Microsoft Copilot Studio · Salesforce Agentforce
## GitHub Actions
```yaml
- uses: inkog-io/inkog@v1
with:
api-key: ${{ secrets.INKOG_API_KEY }}
sarif-upload: true # Shows findings in GitHub Security tab
```
[Full CI/CD docs →](https://docs.inkog.io/ci-cd/github-action) | [Complete workflow example →](examples/ci/github-actions.yml)
Deep scan
Run an advanced orchestrator-based analysis with enriched findings, an agent profile, compliance coverage, and a premium HTML report:
```bash
inkog -deep .
inkog -deep -output html . > deep-report.html
```
Requires the Inkog Deep role. [Deep scan docs →](https://docs.inkog.io/cli/deep-scan)
Skill & MCP scan
Scan SKILL.md packages, agent tools, and MCP servers for vulnerabilities:
```bash
# Scan a skill package
inkog skill-scan .
inkog skill-scan --repo https://github.com/org/repo
# Scan an MCP server by registry name
inkog mcp-scan github
inkog mcp-scan github --repo https://github.com/org/mcp-server
# Deep scan either
inkog skill-scan --deep .
inkog mcp-scan --deep --repo https://github.com/org/mcp-server
```
[Skill & MCP scan docs →](https://docs.inkog.io/cli/skill-scan)
Scan policies
```bash
inkog . --policy low-noise # Only proven vulnerabilities
inkog . --policy balanced # Vulnerabilities + risk patterns (default)
inkog . --policy comprehensive # Everything including hardening tips
inkog . --policy governance # Article 14 controls, authorization, audit trails
inkog . --policy eu-ai-act # EU AI Act compliance report
```
[Policy reference →](https://docs.inkog.io/cli/policies)
## MCP Server
Scan agent code directly from Claude, ChatGPT, or Cursor:
```bash
npx -y @inkog-io/mcp
```
7 tools including MCP server auditing, Skill package scanning, and multi-agent topology analysis. [MCP docs →](https://docs.inkog.io/integrations/mcp)
## Inkog Red — Coming Soon
Automated adversarial testing for AI agents. Inkog Red probes your running agents with prompt injection, jailbreaks, and tool misuse attacks to validate that defenses hold under real-world conditions.
[Join the waitlist →](https://inkog.io/red)
## Community
- [Documentation](https://docs.inkog.io) — CLI reference, detection patterns, integrations
- [Slack](https://join.slack.com/t/inkog-io/shared_invite/zt-3jrzztm28-cXyokCXO8KjKC6nBI0l4Gw) — Questions, feedback, feature requests
- [Issues](https://github.com/inkog-io/inkog/issues) — Bug reports and feature requests
- [Contributing](CONTRIBUTING.md) — We welcome PRs
## Star History
## License
Apache 2.0 — See [LICENSE](LICENSE)