@superagent-ai

Superagent

Making AI apps safe

An AI security team that finds, patches, and discloses vulnerabilities.
Every fix ships as a PR — remediation in hours, not months.

Y Combinator W24


Why Superagent?

AI is making vulnerability discovery cheap, but closing vulnerabilities still requires validation, safe fixes, and human-reviewed merges. Superagent is how engineering teams close vulnerabilities without expanding their security team:

Find → Validate → Fix → Disclose

Find runs continuous adversarial research across repos and agents. Validate proves each finding is real, reproducing it safely and ruling out noise before anything reaches a human. Fix ships a validated fix as a PR your team reviews and merges. Disclose handles coordinated disclosure from embargo to advisory.

The GitHub App is how teams run Superagent in production. Security skills and CLA checks bring Superagent into existing CI/CD workflows.


Built for Production

  • Humans in the loop: Agents do the research. Your team approves every fix before it ships.
  • GitHub native: Install apps and meet your team where they already work. Findings land as check runs and PR comments.
  • Free for open source: Public repos get full vulnerability finding, patching, and disclosure at no cost.
  • 10× security work without adding headcount: Run end-to-end security workflows on private repos and agents with the team you already have.

Core Ecosystem

superagent — Core SDK

  • Detect and block prompt injections, redact PII and secrets, scan repos for threats. Embed safety directly into your app.

skills — Security Skills

  • A collection of security skills for AI agents: vulnerability triage, infrastructure auditing, crypto hygiene, and more.

brin — Context Trust Score

  • Credit score for context. Measure what AI models miss without threat detection.

Who Builds with Superagent

  • Open source maintainers: Shipping free security for public repos. Vulnerability finding, patching, and disclosure with no manual overhead.
  • AI agent builders: Adding guardrails to production agents. Blocking prompt injections, redacting sensitive data, and sandboxing coding agents.
  • Enterprise security teams: Running continuous find-and-fix on private repos and agents. 10× the security output without expanding headcount.

Pinned

  1. superagent (Public)

    Superagent protects your AI applications against prompt injections, data leaks, and harmful outputs. Embed safety directly into your app and prove compliance to your customers.

    TypeScript · 6.6k stars · 959 forks

  2. brin (Public)

    credit score for context

    Shell · 44 stars · 8 forks

  3. vibekit (Public)

    Run Claude Code, Gemini, Codex — or any coding agent — in a clean, isolated sandbox with sensitive data redaction and observability baked in.

    TypeScript · 1.8k stars · 233 forks

  4. grok-cli (Public)

    An open-source coding agent for the Grok API

    TypeScript · 3.2k stars · 390 forks

  5. reag (Public)

    Reasoning Augmented Generation

    Python · 902 stars · 59 forks
