Documentation

Open-source security platform for AI agents. Pick a tool to get started.

New here? Start with the CLI. One command to scan, protect, and monitor.

npx opena2a-cli init

Scan & Fix

Find vulnerabilities, test defenses, and protect credentials

OpenA2A CLI

Unified security platform. Scan, protect, monitor, and detect Shadow AI agents and MCP servers.

View Docs

HackMyAgent

Security scanner, red-team toolkit, OASB benchmark, and runtime protection. 199 security checks with auto-fix.

View Docs

Secretless

Credential protection for AI tools. Prevents key leakage in LLM contexts.

View Docs

Identity & Trust

Agent identity, browser protection, and supply chain trust

AIM

Agent Identity Management. Ed25519 identity, trust scoring, MCP security, ABOM.

View Docs

Browser Guard

Chrome extension for detecting and controlling browser-based AI agents.

View Docs

Trust Data

Query community trust scores, run security scans, and contribute findings to the OpenA2A trust registry.

View Docs

Train & Extend

Security training and cryptographic readiness

DVAA

Damn Vulnerable AI Agent. Intentionally vulnerable agent for security training.

View Docs

CryptoServe

Post-quantum cryptographic readiness. Inventory, assess, and upgrade crypto.

View Docs

Use Cases

Step-by-step workflows for your role

Developer using AI coding tools

5 min

Security team assessing AI risk

10 min

MCP server author

15 min

CI/CD pipeline integration

15 min

Interactive Demos

See the tools in action. Run guided security scenarios in your browser.

Not sure which tool you need?

Follow the getting-started guide to find the right tool for your use case.