Agent Security Checker

Agent Security Checker is an autonomous multi-agent red-teaming system built on the Band platform that automatically discovers, attacks, and certifies AI agents. Designed for regulated industries (healthcare, finance, legal), it addresses a critical gap: while organizations deploy AI agents daily, no automated tool exists to test them for adversarial vulnerabilities at runtime. The system operates through a fully autonomous 3-agent pipeline triggered by a single message or button click: 1. Discovery Agent runs 18 probes across two phases : reconnaissance (mapping capabilities, data access, user permissions, external integrations) and LLM fingerprinting (detecting the underlying model, safety tuning level, framework, and jailbreak resistance). This provides deep intelligence about the target's attack surface. 2. Attack Agent executes 70+ adaptive attacks across 10 categories (Prompt Injection, Jailbreak, Persona Hijacking, Tool Policy Bypass, and more). It features a mutation engine that automatically rewrites partial responses up to 3 times, language bypass across 5 languages, context poisoning chains, and weighted scoring based on real-world severity. Each attack is judged by an AI security auditor that determines PASS/WARN/FAIL with specific evidence. 3. Report Agent generates a professional HTML certification report with category scores, critical findings, systemic patterns, compliance assessments (HIPAA, GDPR, PCI-DSS), and a deployment recommendation (DEPLOY/CONDITIONAL/DO NOT DEPLOY). The system uses dual Groq API keys with automatic fallback and supports any HTTP/HTTPS endpoint, making it versatile for testing agents on Replit, Render, or custom domains. Built entirely with free, open-source tools (Python, Groq's free tier, Band SDK), it demonstrates true multi-agent collaboration with automatic audit trails — exactly what regulated industries require for AI compliance.