Workflows · May 12, 2026 · 2 min read

Tracecat — Agentic Security Automation

Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

Agent-ready

This asset can be read and installed directly by agents.

TokRepo exposes a universal CLI command, an install contract, JSON metadata, a per-adapter plan, and raw content so that agents can evaluate compatibility, risk, and next steps.

  • Native · 94/100 · Policy: allow
  • Agent surface: Any MCP/CLI agent
  • Type: CLI
  • Installation: Manual
  • Trust: Established
  • Entry point: docker compose -f docker-compose.local.yml up
  • Universal CLI command: npx tokrepo install 8fd01781-6354-57c3-b940-16170d3816b4

Introduction

  • Best for: Security engineering, SOC automation, and agent-driven playbooks
  • Works with: Docker Compose; Temporal; PostgreSQL; integrates with MCP servers (per README)
  • Setup time: 30–90 minutes

Practical Notes

  • GitHub: 3,598 stars · 359 forks; pushed 2026-05-12 (verified via GitHub API).
  • Repo includes docker-compose.dev.yml + docker-compose.local.yml and a justfile wrapper for common workflows.
  • Per README: sandboxed-by-default with nsjail and durable workflows on Temporal.

Main

A practical adoption path:

  1. Start with one playbook. Pick a repeatable task (phishing triage, IOC enrichment, alert dedupe) and model it as a workflow.
  2. Gate “risky tools.” Put human approval in front of actions that touch production systems or customer data.
  3. Version your scripts. Use the code-native registry idea: keep custom Python tools in Git and sync them into Tracecat.
  4. Treat MCP servers as dependencies. Prefer a small, curated set of MCP servers and pin their configs for reproducibility.
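One way to enforce step 4 in CI, as an added example that is not Tracecat's own code: hash each reviewed MCP server config into a lock file and fail the build when a config drifts, uses a floating tag, or appears without review. The config layout (`command`, `args`, `env`), the server names, and the package names are hypothetical.

```python
import hashlib
import json

def config_digest(config):
    """SHA-256 of a canonical JSON encoding, so key order does not change the pin."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def floating_refs(value):
    """Yield strings that use a floating tag instead of an exact version."""
    if isinstance(value, str):
        if value.endswith(("@latest", ":latest")):
            yield value
    elif isinstance(value, dict):
        for item in value.values():
            yield from floating_refs(item)
    elif isinstance(value, list):
        for item in value:
            yield from floating_refs(item)

def check_pins(servers, lock):
    """Return findings; an empty list means every server matches its reviewed pin."""
    findings = []
    for name in sorted(servers):
        cfg = servers[name]
        for ref in floating_refs(cfg):
            findings.append(f"{name}: floating reference {ref!r}")
        if name not in lock:
            findings.append(f"{name}: not in the curated lock file")
        elif config_digest(cfg) != lock[name]:
            findings.append(f"{name}: config differs from the pinned digest")
    for name in sorted(set(lock) - set(servers)):
        findings.append(f"{name}: pinned but missing from the config")
    return findings

# Constructed sample (hypothetical layout). Only env var *names* are stored, never values.
REVIEWED = {
    "ioc-enrichment": {"command": "npx", "args": ["example-mcp-enrich@1.4.2"],
                       "env": ["ENRICH_API_KEY"]},
    "ticketing": {"command": "docker", "args": ["run", "example/mcp-tickets:2.0.1"],
                  "env": []},
}
LOCK = {name: config_digest(cfg) for name, cfg in REVIEWED.items()}

if __name__ == "__main__":
    for finding in check_pins(REVIEWED, LOCK) or ["all MCP servers match their pins"]:
        print(finding)
```

Regenerate the lock only as part of a reviewed change, so that a new digest always corresponds to a config someone has read.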

If you run this on developer laptops, keep secrets in env vars and rotate them often; for production, use a dedicated environment and audited credentials.

FAQ

Q: Do I need Kubernetes? A: No. The repo ships multiple Docker Compose files; Kubernetes is optional for production scaling.

Q: Can it run untrusted code safely? A: The README says it uses nsjail sandboxes by default; still treat inputs as untrusted and apply least privilege.

Q: How do agents interact with it? A: Per README: you can build prompt-to-automations from your own agent harness, and tools can integrate with MCP servers.

Source and acknowledgements

  • Source: https://github.com/TracecatHQ/tracecat
  • License: AGPL-3.0
  • GitHub stars: 3,598 · forks: 359
