CLI ToolsMay 14, 2026·2 min read

Augustus — LLM Vulnerability Scanner (Go CLI)

Augustus is a Go-based LLM vulnerability scanner covering 210+ adversarial attacks and 28 providers; verified 205★ and pushed 2026-05-11.

Agent ready

Safe staging for this asset

This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.

Stage only · 17/100Policy: stage
Agent surface
Any MCP/CLI agent
Kind
CLI Tool
Install
Stage only
Trust
Trust: Established
Entrypoint
Asset
Safe staging command
npx -y tokrepo@latest install 23d77068-dbd1-55d2-a53d-fc6a5f3929d7 --target codex

Stages files first; activation requires review of the staged README and plan.

Intro

Augustus is a Go-based LLM vulnerability scanner covering 210+ adversarial attacks and 28 providers; verified 205★ and pushed 2026-05-11.

Best for: Security teams running repeatable prompt-injection/jailbreak regression tests across multiple LLM providers

Works with: Go 1.25.3+ and credentials for whichever LLM provider you target

Setup time: 6-15 minutes

Key facts (verified)

  • GitHub: 205 stars · 25 forks · pushed 2026-05-11.
  • License: Apache-2.0 · owner avatar + repo URL verified via GitHub API.
  • README-backed entrypoint: augustus --help.

Main

  • Attack coverage: README claims 210+ adversarial attacks across prompt injection, jailbreak, encoding exploits, and data extraction.

  • Provider breadth: README states integration with 28 LLM providers, useful for comparing models and configs under one harness.

  • Ops-friendly scanning: README highlights concurrency, rate limiting, retries, and timeouts for production-style testing.

  • Reportable outputs: README includes sections on output formats so you can wire results into CI/security review.

Source-backed notes

  • README describes Augustus as a Go-based LLM vulnerability scanner for security professionals.
  • README quick start uses go install .../cmd/augustus@latest and requires Go 1.25.3+.
  • README warns some probes use offensive language for jailbreak testing; use only in authorized environments.

FAQ

  • Is it safe to run against production?: Treat it like a security test tool: rate-limit, scope targets, and use authorized environments only.
  • Do I need provider API keys?: Yes — you need credentials for each LLM provider you want to scan.
  • How do I start small?: Run a single probe first, then expand to multiple probes and report outputs once you trust the harness.
🙏

Source & Thanks

Source: https://github.com/praetorian-inc/augustus > License: Apache-2.0 > GitHub stars: 205 · forks: 25

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets