Esta página se muestra en inglés. Una traducción al español está en curso.
PromptsMay 13, 2026·3 min de lectura

Superagent SDK — Guardrails Against Prompt Injection

Superagent SDK helps protect AI apps: detect prompt injections, redact PII/secrets, scan repos for poisoning, and integrate via TS/Python, CLI, or MCP.

Prompt Lab
Prompt Lab · Community
Listo para agents

Este activo puede ser leído e instalado directamente por agents

TokRepo expone un comando CLI universal, contrato de instalación, metadata JSON, plan según adaptador y contenido raw para que los agents evalúen compatibilidad, riesgo y próximos pasos.

Stage only · 27/100Stage only
Superficie agent
Cualquier agent MCP/CLI
Tipo
Prompt
Instalación
Stage only
Confianza
Confianza: Community
Entrada
Asset
Comando CLI universal
npx tokrepo install 09f2e36d-59a1-5177-b67c-c4533169432c
contrato de instalaciónJSON de metadataplan adaptadorcontenido raw
Introducción

Superagent SDK is an open-source safety toolkit for agent apps: guard against prompt injections, redact PII/secrets, and scan repos for threats. It offers TS/Python SDKs and a CLI, and is GitHub-verified at 6,594★.

Best for: shipping agent apps that need runtime prompt-injection detection and secret/PII redaction

Works with: TypeScript/Python SDKs; optional CLI; integrates with Claude Code/Claude Desktop via MCP server (per repo docs)

Setup time: 10–25 minutes

Key facts (verified)

  • README lists features: Guard (prompt injection), Redact (PII/secrets), Scan (repo threats).
  • README shows install npm install safety-agent and environment var SUPERAGENT_API_KEY.
  • README mentions open-weight guard models with 50–100ms latency (as stated in README).
  • GitHub: 6,594 stars · 962 forks; pushed 2026-04-11 (GitHub API verified).

Main

Add safety guardrails like you add observability:

  • Run Guard on every user message and on every tool-call instruction.
  • Redact before logging or storing transcripts.
  • Use Scan as part of CI for repos that agents can read, to catch repo poisoning patterns.

Start with "report-only" mode (log findings), then switch to blocking once you see false-positive rates in your domain.

README excerpt (verbatim)

Superagent

Superagent SDK

Make your AI apps safe.

Website · Docs · Discord · HuggingFace

Y Combinator GitHub stars MIT License

An open-source SDK for AI agent safety. Block prompt injections, redact PII and secrets, scan repositories for threats, and run red team scenarios against your agent.

Features

Guard

Detect and block prompt injections, malicious instructions, and unsafe tool calls at runtime.

TypeScript:

import { createClient } from "safety-agent";

const client = createClient();

const result = await client.guard({
  input: userMessage
});

if (result.classification === "block") {
  console.log("Blocked:", result.violation_types);
}

Python:

from safety_agent import create_client

client = create_client()

result = await client.guard(input=user_message)

if result.classification == "block":
    print("Blocked:", result.violation_types)

Redact

Remove PII, PHI, and secrets from text automatically.

TypeScript:

const result = await client.redact({
  input: "My email is john@example.com and SSN is 123-45-6789",
  model: "openai/gpt-4o-mini"
});

console.log(result.redacted);
// "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Python:

result = await client.redact(
    input="My email is john@example.com and SSN is 123-45-6789",
    model="openai/gpt-4o-mini"
)

print(result.redacted)
# "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Scan

Analyze repositories for AI agent-targeted attacks such as repo poisoning and malicious instructions.

TypeScript:

const result = await client.scan({
  repo: "https://github.com/user/repo"
});

console.log(result.result);  // Security report
console.log(`Cost: $${result.usage.cost.toFixed(4)}`);

Python:

result = await client.scan(repo="https://github.com/user/repo")

print(result.result)  # Security report
print(f"Cost: ${result.usage.cost:.4f}")

FAQ

Q: Is Superagent open source? A: Yes—repo is MIT-licensed per GitHub license metadata.

Q: How do I install it? A: README shows npm install safety-agent (and uv add safety-agent for Python).

Q: What does it do? A: Guard against prompt injection, redact secrets/PII, and scan repos for threats (per README).

🙏

Fuente y agradecimientos

Source: https://github.com/superagent-ai/superagent > License: MIT > GitHub stars: 6,594 · forks: 962

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados

Defender — Prompt Injection Guardrails for Agents

Defender is an OSS library to detect and neutralize prompt injection in tool outputs; verified 97★ and bundles a ~22MB ONNX model.

Prompts
Prompt Lab

Spikee — Prompt Injection Eval Kit (CLI)

ReversecLabs/spikee is a modular CLI for prompt injection/jailbreak evals; verified 184★ and documents `spikee generate` → `spikee test`.

PromptsCLI Tools
Script Depot

SafeLLMPlayground — Prompt Injection Text-Adventure

Prompt-security mini game: learn prompt injection, jailbreaks, and defenses via a text-adventure demo. Verified 240★; pushed 2026-05-11.

Prompts
AI Open Source

Anamorpher — Image-Scaling Prompt Injection Lab

trailofbits/anamorpher crafts image-scaling attacks for multimodal prompt injection; verified 1,049★ with a uv backend and browser frontend workflow.

Prompts
Script Depot
Inicio🔍Buscar👤Yo