Metadata-Version: 2.3
Name: agentic-radar
Version: 0.14.0
Summary: A python library for generating reports for agentic systems.
License: Apache License
                                    Version 2.0, January 2004
                                 http://www.apache.org/licenses/
         
            TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
         
            1. Definitions.
         
               "License" shall mean the terms and conditions for use, reproduction,
               and distribution as defined by Sections 1 through 9 of this document.
         
               "Licensor" shall mean the copyright owner or entity authorized by
               the copyright owner that is granting the License.
         
               "Legal Entity" shall mean the union of the acting entity and all
               other entities that control, are controlled by, or are under common
               control with that entity. For the purposes of this definition,
               "control" means (i) the power, direct or indirect, to cause the
               direction or management of such entity, whether by contract or
               otherwise, or (ii) ownership of fifty percent (50%) or more of the
               outstanding shares, or (iii) beneficial ownership of such entity.
         
               "You" (or "Your") shall mean an individual or Legal Entity
               exercising permissions granted by this License.
         
               "Source" form shall mean the preferred form for making modifications,
               including but not limited to software source code, documentation
               source, and configuration files.
         
               "Object" form shall mean any form resulting from mechanical
               transformation or translation of a Source form, including but
               not limited to compiled object code, generated documentation,
               and conversions to other media types.
         
               "Work" shall mean the work of authorship, whether in Source or
               Object form, made available under the License, as indicated by a
               copyright notice that is included in or attached to the work
               (an example is provided in the Appendix below).
         
               "Derivative Works" shall mean any work, whether in Source or Object
               form, that is based on (or derived from) the Work and for which the
               editorial revisions, annotations, elaborations, or other modifications
               represent, as a whole, an original work of authorship. For the purposes
               of this License, Derivative Works shall not include works that remain
               separable from, or merely link (or bind by name) to the interfaces of,
               the Work and Derivative Works thereof.
         
               "Contribution" shall mean any work of authorship, including
               the original version of the Work and any modifications or additions
               to that Work or Derivative Works thereof, that is intentionally
               submitted to Licensor for inclusion in the Work by the copyright owner
               or by an individual or Legal Entity authorized to submit on behalf of
               the copyright owner. For the purposes of this definition, "submitted"
               means any form of electronic, verbal, or written communication sent
               to the Licensor or its representatives, including but not limited to
               communication on electronic mailing lists, source code control systems,
               and issue tracking systems that are managed by, or on behalf of, the
               Licensor for the purpose of discussing and improving the Work, but
               excluding communication that is conspicuously marked or otherwise
               designated in writing by the copyright owner as "Not a Contribution."
         
               "Contributor" shall mean Licensor and any individual or Legal Entity
               on behalf of whom a Contribution has been received by Licensor and
               subsequently incorporated within the Work.
         
            2. Grant of Copyright License. Subject to the terms and conditions of
               this License, each Contributor hereby grants to You a perpetual,
               worldwide, non-exclusive, no-charge, royalty-free, irrevocable
               copyright license to reproduce, prepare Derivative Works of,
               publicly display, publicly perform, sublicense, and distribute the
               Work and such Derivative Works in Source or Object form.
         
            3. Grant of Patent License. Subject to the terms and conditions of
               this License, each Contributor hereby grants to You a perpetual,
               worldwide, non-exclusive, no-charge, royalty-free, irrevocable
               (except as stated in this section) patent license to make, have made,
               use, offer to sell, sell, import, and otherwise transfer the Work,
               where such license applies only to those patent claims licensable
               by such Contributor that are necessarily infringed by their
               Contribution(s) alone or by combination of their Contribution(s)
               with the Work to which such Contribution(s) was submitted. If You
               institute patent litigation against any entity (including a
               cross-claim or counterclaim in a lawsuit) alleging that the Work
               or a Contribution incorporated within the Work constitutes direct
               or contributory patent infringement, then any patent licenses
               granted to You under this License for that Work shall terminate
               as of the date such litigation is filed.
         
            4. Redistribution. You may reproduce and distribute copies of the
               Work or Derivative Works thereof in any medium, with or without
               modifications, and in Source or Object form, provided that You
               meet the following conditions:
         
               (a) You must give any other recipients of the Work or
                   Derivative Works a copy of this License; and
         
               (b) You must cause any modified files to carry prominent notices
                   stating that You changed the files; and
         
               (c) You must retain, in the Source form of any Derivative Works
                   that You distribute, all copyright, patent, trademark, and
                   attribution notices from the Source form of the Work,
                   excluding those notices that do not pertain to any part of
                   the Derivative Works; and
         
               (d) If the Work includes a "NOTICE" text file as part of its
                   distribution, then any Derivative Works that You distribute must
                   include a readable copy of the attribution notices contained
                   within such NOTICE file, excluding those notices that do not
                   pertain to any part of the Derivative Works, in at least one
                   of the following places: within a NOTICE text file distributed
                   as part of the Derivative Works; within the Source form or
                   documentation, if provided along with the Derivative Works; or,
                   within a display generated by the Derivative Works, if and
                   wherever such third-party notices normally appear. The contents
                   of the NOTICE file are for informational purposes only and
                   do not modify the License. You may add Your own attribution
                   notices within Derivative Works that You distribute, alongside
                   or as an addendum to the NOTICE text from the Work, provided
                   that such additional attribution notices cannot be construed
                   as modifying the License.
         
               You may add Your own copyright statement to Your modifications and
               may provide additional or different license terms and conditions
               for use, reproduction, or distribution of Your modifications, or
               for any such Derivative Works as a whole, provided Your use,
               reproduction, and distribution of the Work otherwise complies with
               the conditions stated in this License.
         
            5. Submission of Contributions. Unless You explicitly state otherwise,
               any Contribution intentionally submitted for inclusion in the Work
               by You to the Licensor shall be under the terms and conditions of
               this License, without any additional terms or conditions.
               Notwithstanding the above, nothing herein shall supersede or modify
               the terms of any separate license agreement you may have executed
               with Licensor regarding such Contributions.
         
            6. Trademarks. This License does not grant permission to use the trade
               names, trademarks, service marks, or product names of the Licensor,
               except as required for reasonable and customary use in describing the
               origin of the Work and reproducing the content of the NOTICE file.
         
            7. Disclaimer of Warranty. Unless required by applicable law or
               agreed to in writing, Licensor provides the Work (and each
               Contributor provides its Contributions) on an "AS IS" BASIS,
               WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
               implied, including, without limitation, any warranties or conditions
               of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
               PARTICULAR PURPOSE. You are solely responsible for determining the
               appropriateness of using or redistributing the Work and assume any
               risks associated with Your exercise of permissions under this License.
         
            8. Limitation of Liability. In no event and under no legal theory,
               whether in tort (including negligence), contract, or otherwise,
               unless required by applicable law (such as deliberate and grossly
               negligent acts) or agreed to in writing, shall any Contributor be
               liable to You for damages, including any direct, indirect, special,
               incidental, or consequential damages of any character arising as a
               result of this License or out of the use or inability to use the
               Work (including but not limited to damages for loss of goodwill,
               work stoppage, computer failure or malfunction, or any and all
               other commercial damages or losses), even if such Contributor
               has been advised of the possibility of such damages.
         
            9. Accepting Warranty or Additional Liability. While redistributing
               the Work or Derivative Works thereof, You may choose to offer,
               and charge a fee for, acceptance of support, warranty, indemnity,
               or other liability obligations and/or rights consistent with this
               License. However, in accepting such obligations, You may act only
               on Your own behalf and on Your sole responsibility, not on behalf
               of any other Contributor, and only if You agree to indemnify,
               defend, and hold each Contributor harmless for any liability
               incurred by, or claims asserted against, such Contributor by reason
               of your accepting any such warranty or additional liability.
         
            END OF TERMS AND CONDITIONS
         
            APPENDIX: How to apply the Apache License to your work.
         
               To apply the Apache License to your work, attach the following
               boilerplate notice, with the fields enclosed by brackets "[]"
               replaced with your own identifying information. (Don't include
               the brackets!)  The text should be enclosed in the appropriate
               comment syntax for the file format. We also recommend that a
               file or class name and description of purpose be included on the
               same "printed page" as the copyright notice for easier
               identification within third-party archives.
         
            Copyright [yyyy] [name of copyright owner]
         
            Licensed under the Apache License, Version 2.0 (the "License");
            you may not use this file except in compliance with the License.
            You may obtain a copy of the License at
         
                http://www.apache.org/licenses/LICENSE-2.0
         
            Unless required by applicable law or agreed to in writing, software
            distributed under the License is distributed on an "AS IS" BASIS,
            WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
            See the License for the specific language governing permissions and
            limitations under the License.
Author: SPLX
Author-email: developers@splx.ai
Maintainer: SPLX
Maintainer-email: developers@splx.ai
Requires-Python: >=3.9
Classifier: Development Status :: 3 - Alpha
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Provides-Extra: crewai
Provides-Extra: openai-agents
Requires-Dist: crewai-tools (>=0.38.1) ; (python_version >= "3.10" and python_version < "3.13") and (extra == "crewai")
Requires-Dist: dotenv (>=0.9.9,<0.10.0)
Requires-Dist: importlib-resources (>=6.5.2,<7.0.0)
Requires-Dist: jinja2 (>=3.1.5,<4.0.0)
Requires-Dist: openai (>=1.73.0,<2.0.0)
Requires-Dist: openai-agents (>=0.0.13,<0.0.14) ; extra == "openai-agents"
Requires-Dist: pydantic (>=2.10.6)
Requires-Dist: pyyaml (>=6.0.2,<7.0.0)
Requires-Dist: rich (>=13.7.0,<14.0.0)
Requires-Dist: typer-slim (>=0.15.1)
Project-URL: Homepage, https://github.com/splx-ai/agentic-radar
Project-URL: Source, https://github.com/splx-ai/agentic-radar
Project-URL: Tracker, https://github.com/splx-ai/agentic-radar/issues
Description-Content-Type: text/markdown

<div align="center">


  <a href="https://splx.ai">
    <img src="https://github.com/splx-ai/agentic-radar/raw/main/docs/logo.png" alt="logo" width="600" height="auto" />
  </a>
  
  <p>
    A Security Scanner for your agentic workflows!
  </p>
  
  
<!-- Badges -->
<p>
  <a href="https://github.com/splx-ai/agentic-radar/graphs/contributors">
    <img src="https://img.shields.io/github/contributors/splx-ai/agentic-radar" alt="contributors" />
  </a>
  <a href="">
    <img src="https://img.shields.io/github/last-commit/splx-ai/agentic-radar" alt="last update" />
  </a>
  <a href="https://github.com/splx-ai/agentic-radar/network/members">
    <img src="https://img.shields.io/github/forks/splx-ai/agentic-radar" alt="forks" />
  </a>
  <a href="https://github.com/splx-ai/agentic-radar/stargazers">
    <img src="https://img.shields.io/github/stars/splx-ai/agentic-radar" alt="stars" />
  </a>
  <a href="https://github.com/splx-ai/agentic-radar/issues/">
    <img src="https://img.shields.io/github/issues/splx-ai/agentic-radar" alt="open issues" />
  </a>
  <a href="https://github.com/splx-ai/agentic-radar/blob/main/LICENSE">
    <img src="https://img.shields.io/github/license/splx-ai/agentic-radar.svg" alt="license" />
  </a>
  <a href="https://pypi.org/project/agentic-radar">
    <img src="https://img.shields.io/pypi/v/agentic-radar" alt="PyPI - Version" />
  </a>
  <a href="https://pypi.org/project/agentic-radar">
    <img src="https://static.pepy.tech/badge/agentic-radar" alt="PyPI - Downloads" />
  </a>
  <br />
  <a href="https://discord.gg/tR2d54utZc">
    <img src="https://img.shields.io/discord/1346578514177949767?style=for-the-badge&logo=discord&logoColor=white&label=Discord&labelColor=5865F2&color=555555" alt="Discord" />
  </a>
  <a href="https://join.slack.com/t/splxaicommunity/shared_invite/zt-31b3hc3mt-A0v78qztTIMSNBg6y~WOAA">
    <img src="https://img.shields.io/badge/Slack-4A154B?style=for-the-badge&logo=slack&logoColor=white" alt="Slack" />
  </a>
</p>
   
  <h4>
    <a href="https://github.com/splx-ai/agentic-radar/">View Demo</a>
  <span> · </span>
    <a href="https://github.com/splx-ai/agentic-radar">Documentation</a>
  <span> · </span>
    <a href="https://github.com/splx-ai/agentic-radar/issues/">Report Bug</a>
  <span> · </span>
    <a href="https://github.com/splx-ai/agentic-radar/issues/">Request Feature</a>
  </h4>
</div>

<img src="docs/overview_image.png"/>

<!-- TABLE OF CONTENTS -->
<details>
  <summary>Table of Contents</summary>
  <ol>
    <li>
      <a href="#description-">Description</a>
    </li>
    <li>
      <a href="#agentic-visualizer-">Agentic Visualizer</a>
    </li>
    <li>
      <a href="#getting-started-">Getting Started</a>
      <ul>
        <li><a href="#prerequisites">Prerequisites</a></li>
        <li><a href="#installation">Installation</a></li>
      </ul>
    </li>
      <li>
      <a href="#advanced-installation">Advanced Installation</a>
      <ul>
        <li><a href="#crewai-installation">CrewAI Installation</a></li>
        <li><a href="#openai-agents-installation">OpenAI Agents Installation</a></li>
      </ul>
    </li>
    <li><a href="#usage">Usage</a></li>
    <li>
      <a href="#advanced-features-">Advanced Features</a>
      <ul>
        <li><a href="#agentic-prompt-hardening">Agentic Prompt Hardening</a></li>
        <li><a href="#-test-for-vulnerabilities-in-agentic-workflows">Test for Vulnerabilities in Agentic Workflows</a></li>
        <li><a href="#cicd-workflow">CI/CD Workflow</a></li>
      </ul>
    </li>
    <li><a href="#roadmap-">Roadmap</a></li>
    <li><a href="#blogs-and-tutorials-">Blogs and Tutorials</a></li>
    <li><a href="#community-">Community</a></li>
    <li><a href="#frequently-asked-questions-">Frequently Asked Questions</a></li>
    <li><a href="#contributing-">Contributing</a></li>
    <li><a href="#code-of-conduct-">Code Of Conduct</a></li>
    <li><a href="#license-">License</a></li>
  </ol>
</details>

## Description 📝

The **Agentic Radar** is designed to analyze and assess agentic systems for security and operational insights. It helps developers, researchers, and security professionals understand how agentic systems function and identify potential vulnerabilities.

It allows users to create a security report for agentic systems, including:
1. **Workflow Visualization** - a graph of the agentic system's workflow✅
2. **Tool Identification** - a list of all external and custom tools utilized by the system✅
3. **MCP Server Detection** - a list of all MCP servers used by the system's agents✅
4. **Vulnerability Mapping** - a table connecting identified tools to known vulnerabilities, providing a security overview✅

The comprehensive HTML report summarizes all findings and allows for easy reviewing and sharing.

**[View Full Report Example Here](https://agentic-radar.neocities.org/)**


**Agentic Radar** includes mapping of detected vulnerabilities to well-known security frameworks 🛡️.
+ [OWASP Top 10 LLM Applications](https://owasp.org/www-project-top-10-for-large-language-model-applications/)

+ [OWASP Agentic AI – Threats and Mitigations](https://genaisecurityproject.com/resource/agentic-ai-threats-and-mitigations)

## Agentic Visualizer 🎆

If you only care about visualization, try out the [Agentic Visualizer](https://agentic-visualizer.splx.ai/).

It is a web-based tool that allows you to visualize agentic workflows in a user-friendly way.



## Getting Started 🚀

### Prerequisites

There are none! Just make sure you have Python (pip) installed on your machine.

### Installation
```sh
pip install agentic-radar

# Check that it is installed
agentic-radar --version
```

Some features require extra installations, depending on the targeted agentic framework. See more [below](#advanced-installation).

## Advanced Installation
### CrewAI Installation

CrewAI extras are needed when using one of the following features in combination with CrewAI:

- [Agentic Radar Test](#-test-for-vulnerabilities-in-agentic-workflows)
- Descriptions for predefined tools

You can install Agentic Radar with extra CrewAI dependencies by running:
```sh
pip install "agentic-radar[crewai]"
```

> [!WARNING]
> This will install the `crewai-tools` package which is only supported on Python versions >= 3.10 and < 3.13.
> If you are using a different Python version, the tool descriptions will be less detailed or entirely missing.

### OpenAI Agents Installation

OpenAI Agents extras are needed when using one of the following features in combination with OpenAI Agents:

- [Agentic Radar Test](#-test-for-vulnerabilities-in-agentic-workflows)

You can install Agentic Radar with extra OpenAI Agents dependencies by running:
```sh
pip install "agentic-radar[openai-agents]"
```

## Usage

Agentic Radar now supports two main commands:

### 1. `scan`
Scan code for agentic workflows and generate a report.

```sh
agentic-radar scan [OPTIONS] FRAMEWORK:{langgraph|crewai|n8n|openai-agents|autogen}
```

Example:
```sh
agentic-radar scan langgraph -i path/to/langgraph/example/folder -o report.html
```

---

### 2. `test`
Test agents in an agentic workflow for various vulnerabilities.
Requires `OPENAI_API_KEY` to be set as an environment variable.

```sh
agentic-radar test [OPTIONS] FRAMEWORK:{openai-agents} ENTRYPOINT_SCRIPT_WITH_ARGS
```

Example:
```sh
agentic-radar test openai-agents "path/to/openai-agents/example.py"
```

See more about this feature [here](#-test-for-vulnerabilities-in-agentic-workflows).


## Advanced Features ✨

### Agentic Prompt Hardening

Agentic Prompt Hardening automatically improves detected system prompts in your agentic workflow and displays them in the report. It transforms simple agent instructions into high-quality structured system prompts which follow best prompt engineering practices.

> [!NOTE]  
> Currently supported frameworks (with more to come): OpenAI Agents, CrewAI, Autogen

It is quite straightforward to use:
1. Set your OPENAI_API_KEY environment variable by running `export OPENAI_API_KEY=<api_key>`.

2. Run Agentic Radar with the `--harden-prompts` flag, for example:
```sh
agentic-radar scan openai-agents --harden-prompts -i examples/openai-agents/basic/lifecycle_example -o report.html
```

3. Inspect hardened system prompts in the generated report:
<img src="docs/prompt_hardening.png"/>

### 🔍 Test for Vulnerabilities in Agentic Workflows

Agentic Radar now supports testing your agent workflows at **runtime** to identify critical vulnerabilities through simulated adversarial inputs.

This includes automated testing for:
  - Prompt Injection
  - PII Leakage
  - Harmful Content Generation
  - Fake News Generation

Currently supported for:
- OpenAI Agents ✅ (more frameworks coming soon)

#### 🛠 How It Works

The test command launches your agentic workflow with a test suite designed to simulate malicious or adversarial inputs. These tests are designed based on real-world attack scenarios aligned with the OWASP LLM Top 10.

> [!NOTE]  
> This feature requires OPENAI_API_KEY or AZURE_OPENAI_API_KEY set as an environment variable. You can set it via command line or inside a .env file.

Run the test like this:
```sh
agentic-radar test <framework> "<path/to/the/workflow/main.py any-necessary-args>"
```

For example:
```sh
agentic-radar test openai-agents "examples/openai-agents/basic/lifecycle_example.py"
```

The tool injects itself into the agentic workflow provided by the user, detects the necessary information and runs the prepared tests.

#### Configurable Tests

You can pass custom tests to Agentic Radar by creating a YAML file with the following structure:
```yaml
include_default_tests: false
tests:
   - name: TestA
     input: Mention A.
     success_condition: Attack succeeded if A is mentioned.

   - name: TestB
     input: Mention B.
     success_condition: Attack succeeded if B is mentioned.
```

`name` is the name of the test, `input` is the input text to be passed to the agent, and `success_condition` is a description of what constitutes a successful attack (it will be used by an oracle LLM to determine if the test passed or failed).

You can then run Agentic Radar test with the `--config` option pointing to your YAML file:
```sh
agentic-radar test openai-agents --config custom_tests.yaml "examples/openai-agents/basic/lifecycle_example.py"
```

By default, Agentic Radar will also include the built-in tests. You can disable them by setting `include_default_tests` to `false` in your YAML file.
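A pre-flight lint for the custom test file described above, useful as a CI step before `agentic-radar test --config` is invoked. This is an added example, not part of Agentic Radar: `validate_config` and `lint_file` are hypothetical helpers, and the strictness they apply (all three per-test keys required, unique names, no unknown top-level keys) is this example's assumption, not documented tool behaviour.

```python
"""Lint an Agentic Radar custom-test config before running it (added example)."""
from typing import Any

# Keys taken from the YAML structure shown in the README.
REQUIRED_TEST_KEYS = ("name", "input", "success_condition")
TOP_LEVEL_KEYS = ("include_default_tests", "tests")


def validate_config(config: Any) -> list:
    """Return a list of problems; an empty list means the config is well-formed."""
    if not isinstance(config, dict):
        return ["top level must be a mapping"]
    problems = []
    for key in config:
        if key not in TOP_LEVEL_KEYS:
            problems.append(f"unknown top-level key: {key!r}")

    # The README says built-in tests are included unless this is set to false.
    include_default = config.get("include_default_tests", True)
    if not isinstance(include_default, bool):
        # A quoted "false" is a non-empty string, so it would not disable anything.
        problems.append("include_default_tests must be a boolean, got "
                        f"{type(include_default).__name__}")

    tests = config.get("tests")
    if tests is None:
        tests = []
    if not isinstance(tests, list):
        return problems + ["tests must be a list"]

    seen = set()
    for i, test in enumerate(tests):
        if not isinstance(test, dict):
            problems.append(f"tests[{i}] must be a mapping")
            continue
        for key in REQUIRED_TEST_KEYS:
            value = test.get(key)
            # YAML 1.1 loaders turn bare `yes`, `no`, `123` into bool/int values.
            if not isinstance(value, str) or not value.strip():
                problems.append(f"tests[{i}].{key} must be a non-empty string")
        name = test.get("name")
        if isinstance(name, str):
            if name in seen:
                problems.append(f"tests[{i}] has duplicate name {name!r}")
            seen.add(name)

    if include_default is False and not tests:
        problems.append("no tests would run: include_default_tests is false "
                        "and tests is empty")
    return problems


def lint_file(path: str) -> list:
    """Load a YAML file with PyYAML (a dependency of agentic-radar) and lint it."""
    import yaml  # imported lazily so validate_config works without PyYAML
    with open(path, encoding="utf-8") as fh:
        return validate_config(yaml.safe_load(fh))


# Constructed samples, shaped like the result of yaml.safe_load().
GOOD_SAMPLE = {
    "include_default_tests": False,
    "tests": [{"name": "TestA", "input": "Mention A.",
               "success_condition": "Attack succeeded if A is mentioned."}],
}
BAD_SAMPLE = {
    "include_default_tests": "false",          # quoted in YAML, so a string
    "tests": [
        {"name": "TestA", "input": True,       # bare `yes` in YAML
         "success_condition": "Attack succeeded if A is mentioned."},
        {"name": "TestA", "input": "Mention B."},  # duplicate, no success_condition
    ],
}

if __name__ == "__main__":
    import sys
    found = lint_file(sys.argv[1]) if len(sys.argv) > 1 else validate_config(BAD_SAMPLE)
    for problem in found:
        print(f"config problem: {problem}")
    sys.exit(1 if found else 0)
```
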

#### 📊 Rich Test Results

All test results are printed in a visually rich table format directly in the terminal.
Each row shows:
  - Agent name
  - Type of test
  - Injected input
  - Agent output
  - ✅ Whether the test passed or failed
  - 🛑 A short explanation of the result

This makes it easy to spot vulnerabilities at a glance—especially in multi-agent systems.

  <img src="docs/test_results.png" alt="Test Results Example" />

### CI/CD Workflow

To integrate Agentic Radar into your CI/CD pipeline, you can use the [provided GitHub Actions workflow example](https://github.com/splx-ai/agentic-radar/blob/main/examples/github_workflow/auto-agentic-radar.yaml). Just paste the YAML into the `.github/workflows` directory of your repository.

This workflow automatically runs Agentic Radar scans on your codebase whenever changes are pushed to the repository. The generated report is uploaded as an artifact in the GitHub Actions run.

## Roadmap 📈

This matrix shows which Agentic Radar features are supported for each agentic framework. Over time, we will strive to cover all current frameworks with all existing features, as well as introduce new frameworks to the mix.

| Feature       | Scan        | MCP Detection        | Prompt Hardening | Agentic Test |
|----------------|-------------|-------------|-------------|-------------|
| OpenAI Agents  | ✅          | ✅          | ✅          |     ✅         |
| CrewAI         | ✅          | ✅         | ✅          |      ❌        |
| n8n            | ✅          | ✅          | ❌          |     ❌        |
| LangGraph      | ✅          | ✅          | ❌          |     ❌         |
| Autogen     | ✅          | ✅          | ✅          |     ❌         |

Are there some features you would like to see happen first? Vote anonymously [here](https://strawpoll.com/w4nWWMqqlnA) or [open a GitHub Issue](https://github.com/splx-ai/agentic-radar/issues/new/choose).

## Blogs and Tutorials 💡

- [CrewAI](https://splx.ai/blog/enhancing-ai-transparency-scanning-crewai-workflows-with-agentic-radar)
- [n8n](https://splx.ai/blog/scanning-n8n-workflows-with-agentic-radar)
- [OpenAI Agents](https://splx.ai/blog/openai-agents-sdk-transparent-workflows-with-agentic-radar)
- [Autogen](https://colab.research.google.com/drive/14IeJv08lzBsLlEO9cKoHloDioWMWGf5Q)
- [MCP Server Detection](https://splx.ai/blog/agentic-radar-now-detects-mcp-servers-in-agentic-workflows)
- [Agentic Prompt Hardening](https://splx.ai/blog/agentic-radar-now-scans-and-hardens-system-prompts-in-agentic-workflows)

## Community 🤝

We welcome contributions from the AI and security community! Join our [Discord community](https://discord.gg/QZQpef5PsD) or [Slack community](https://join.slack.com/t/splxaicommunity/shared_invite/zt-31b3hc3mt-A0v78qztTIMSNBg6y~WOAA) to connect with other developers, discuss features, get support and contribute to **Agentic Radar** 🚀

If you like what you see, give us a star! It keeps us inspired to improve and innovate and helps others discover the project 🌟

## Frequently Asked Questions ❓

**Q: Is my source code being shared or is everything running locally?**  
A: The main features (static workflow analysis and vulnerability mapping) run completely locally, so your code is not shared anywhere. For optional advanced features, LLMs might be used. For example, when using [Prompt Hardening](#agentic-prompt-hardening), detected system prompts can get sent to an LLM for analysis.

## Contributing 💻 

[CONTRIBUTING](CONTRIBUTING.md)

## Code Of Conduct 📜
[CODE OF CONDUCT](CODE_OF_CONDUCT.md)

## License ⚖️

[LICENSE](LICENSE)

