Agent Surface

AgentSurface is a tool for testing the security of real AI agents that are exposed through HTTP JSON APIs. Instead of relying on mock agents or generic jailbreak examples, AgentSurface connects to an actual agent endpoint, injects adversarial prompts into a configurable JSON request field, sends real HTTP requests, and records the full evidence trail: masked request, raw response, extracted answer, finding type, risk score, and recommendations. The project focuses on practical risks in AI-powered products: prompt injection, system prompt or secret disclosure, private data exposure, unsafe tool/action compliance, BOLA/IDOR-style cross-user access, and authorization gaps in support, finance, trading, CRM, and marketplace agents. AgentSurface includes a Streamlit UI with three main workspaces: Attack Sets for creating reusable adversarial prompt sets, Run for configuring the real API target and launching scans, and History for reviewing previous runs, findings, raw evidence, JSON exports, and policy drafts. It can also generate a Lobster Trap YAML policy draft, helping teams turn some detected risks into proxy-layer mitigations when applicable. The main idea behind AgentSurface is to treat an AI agent as an attack surface, not just as a chatbot. It helps teams test whether their agent follows security and business rules under adversarial input, while keeping concrete evidence that developers can use to debug and fix the issue.