An open API service indexing awesome lists of open source software.

https://github.com/inkog-io/inkog

The pre-flight check for AI agents
https://github.com/inkog-io/inkog

agent-testing ai-security cli devsecops golang llm-security owasp owasp-llm-top-10 sast security-tools static-analysis

Last synced: 3 months ago
JSON representation

The pre-flight check for AI agents

Awesome Lists containing this project

README

          


Inkog

The security co-pilot for AI agent development.


Build secure AI agents from the start. Scan for logic bugs, prompt injection, missing guardrails, and compliance gaps — before they reach production.


English ·
简体中文 ·
日本語 ·
한국어 ·
Español ·
Português ·
Deutsch ·
Français


Release
License
Go Report Card
CI
Slack


Inkog scanning AI agent code for vulnerabilities

---

AI agents can loop forever, drain your API budget in minutes, execute arbitrary code from user input, or make high-stakes decisions with zero human oversight. Most of these flaws pass code review because they look like normal code — the danger is in the runtime behavior.

Inkog scans your agent code statically and catches these problems before deployment. One command, works across 20+ frameworks, maps findings to EU AI Act and OWASP LLM Top 10.

## When to Use Inkog

- **Building an AI agent** — Scan during development to catch infinite loops, prompt injection, and missing guardrails before they ship
- **Adding security to CI/CD** — Add `inkog-io/inkog@v1` to GitHub Actions for automated security gates on every PR
- **Preparing for EU AI Act** — Generate compliance reports mapping your agent to Article 14, NIST AI RMF, OWASP LLM Top 10
- **Reviewing agent code** — Use from Claude Code, Cursor, or any MCP client to get security analysis while you code
- **Auditing MCP servers** — Check any MCP server for tool poisoning, privilege escalation, or data exfiltration before installing
- **Verifying AGENTS.md** — Validate that governance declarations match actual code behavior
- **Scanning Skill packages** — Audit SKILL.md packages for tool poisoning, command injection, and excessive permissions before adding to your agent
- **Generating an MLBOM** — Create a Machine Learning Bill of Materials documenting your agent's components, tools, and data flows
- **Building multi-agent systems** — Detect delegation loops, privilege escalation, and unauthorized handoffs between agents (A2A audit)

## Quick Start

No install needed:

```bash
npx -y @inkog-io/cli scan .
```

Or install permanently:

| Method | Command |
|--------|---------|
| **Install script** | `curl -fsSL https://inkog.io/install.sh \| sh` |
| **Homebrew** | `brew tap inkog-io/inkog && brew install inkog` |
| **Go** | `go install github.com/inkog-io/inkog/cmd/inkog@latest` |
| **Binary** | [Download from Releases](https://github.com/inkog-io/inkog/releases) |

```bash
# Get your free API key at https://app.inkog.io
export INKOG_API_KEY=sk_live_...

inkog .
```

## What It Catches

| Category | Examples | Why it matters |
|----------|----------|----------------|
| **Infinite loops** | Agent re-calls itself with no exit condition, LLM output fed back as input without a cap | Your agent runs forever and racks up API costs |
| **Prompt injection** | User input flows into system prompt unsanitized, tainted data reaches tool calls | Attackers can hijack your agent's behavior |
| **Missing guardrails** | No human-in-the-loop for destructive actions, no rate limits on LLM calls, unconstrained tool access | One bad decision and your agent goes rogue |
| **Hardcoded secrets** | API keys, tokens, and passwords in source code (detected locally, never uploaded) | Credentials leak when you push to GitHub |
| **Compliance gaps** | Missing human oversight (EU AI Act Article 14), no audit logging, missing authorization checks | You're legally required to have these controls by August 2026 |

[Full detection catalog →](https://docs.inkog.io/vulnerabilities)

## Supported Frameworks

**Code-first:** LangChain · LangGraph · CrewAI · AutoGen · AG2 · OpenAI Agents · Semantic Kernel · Azure AI Foundry · LlamaIndex · Haystack · DSPy · Phidata · Smolagents · PydanticAI · Google ADK

**No-code:** n8n · Flowise · Langflow · Dify · Microsoft Copilot Studio · Salesforce Agentforce

## GitHub Actions

```yaml
- uses: inkog-io/inkog@v1
with:
api-key: ${{ secrets.INKOG_API_KEY }}
sarif-upload: true # Shows findings in GitHub Security tab
```

[Full CI/CD docs →](https://docs.inkog.io/ci-cd/github-action) | [Complete workflow example →](examples/ci/github-actions.yml)

Deep scan

Run an advanced orchestrator-based analysis with enriched findings, an agent profile, compliance coverage, and a premium HTML report:

```bash
inkog -deep .
inkog -deep -output html . > deep-report.html
```

Requires the Inkog Deep role. [Deep scan docs →](https://docs.inkog.io/cli/deep-scan)

Skill & MCP scan

Scan SKILL.md packages, agent tools, and MCP servers for vulnerabilities:

```bash
# Scan a skill package
inkog skill-scan .
inkog skill-scan --repo https://github.com/org/repo

# Scan an MCP server by registry name
inkog mcp-scan github
inkog mcp-scan github --repo https://github.com/org/mcp-server

# Deep scan either
inkog skill-scan --deep .
inkog mcp-scan --deep --repo https://github.com/org/mcp-server
```

[Skill & MCP scan docs →](https://docs.inkog.io/cli/skill-scan)

Scan policies

```bash
inkog . --policy low-noise # Only proven vulnerabilities
inkog . --policy balanced # Vulnerabilities + risk patterns (default)
inkog . --policy comprehensive # Everything including hardening tips
inkog . --policy governance # Article 14 controls, authorization, audit trails
inkog . --policy eu-ai-act # EU AI Act compliance report
```

[Policy reference →](https://docs.inkog.io/cli/policies)

## MCP Server

Scan agent code directly from Claude, ChatGPT, or Cursor:

```bash
npx -y @inkog-io/mcp
```

7 tools including MCP server auditing, Skill package scanning, and multi-agent topology analysis. [MCP docs →](https://docs.inkog.io/integrations/mcp)

## Inkog Red — Coming Soon

Automated adversarial testing for AI agents. Inkog Red probes your running agents with prompt injection, jailbreaks, and tool misuse attacks to validate that defenses hold under real-world conditions.

[Join the waitlist →](https://inkog.io/red)

## Community

- [Documentation](https://docs.inkog.io) — CLI reference, detection patterns, integrations
- [Slack](https://join.slack.com/t/inkog-io/shared_invite/zt-3jrzztm28-cXyokCXO8KjKC6nBI0l4Gw) — Questions, feedback, feature requests
- [Issues](https://github.com/inkog-io/inkog/issues) — Bug reports and feature requests
- [Contributing](CONTRIBUTING.md) — We welcome PRs

## Star History





Star History Chart

## License

Apache 2.0 — See [LICENSE](LICENSE)