Cette page est affichée en anglais. Une traduction française est en cours.
PromptsMay 13, 2026·3 min de lecture

Superagent SDK — Guardrails Against Prompt Injection

Superagent SDK helps protect AI apps: detect prompt injections, redact PII/secrets, scan repos for poisoning, and integrate via TS/Python, CLI, or MCP.

Prompt Lab
Prompt Lab · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Stage only · 27/100Stage only
Surface agent
Tout agent MCP/CLI
Type
Prompt
Installation
Stage only
Confiance
Confiance : Community
Point d'entrée
Asset
Commande CLI universelle
npx tokrepo install 09f2e36d-59a1-5177-b67c-c4533169432c
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

Superagent SDK is an open-source safety toolkit for agent apps: guard against prompt injections, redact PII/secrets, and scan repos for threats. It offers TS/Python SDKs and a CLI, and is GitHub-verified at 6,594★.

Best for: shipping agent apps that need runtime prompt-injection detection and secret/PII redaction

Works with: TypeScript/Python SDKs; optional CLI; integrates with Claude Code/Claude Desktop via MCP server (per repo docs)

Setup time: 10–25 minutes

Key facts (verified)

  • README lists features: Guard (prompt injection), Redact (PII/secrets), Scan (repo threats).
  • README shows install npm install safety-agent and environment var SUPERAGENT_API_KEY.
  • README mentions open-weight guard models with 50–100ms latency (as stated in README).
  • GitHub: 6,594 stars · 962 forks; pushed 2026-04-11 (GitHub API verified).

Main

Add safety guardrails like you add observability:

  • Run Guard on every user message and on every tool-call instruction.
  • Redact before logging or storing transcripts.
  • Use Scan as part of CI for repos that agents can read, to catch repo poisoning patterns.

Start with "report-only" mode (log findings), then switch to blocking once you see false-positive rates in your domain.

README excerpt (verbatim)

Superagent

Superagent SDK

Make your AI apps safe.

Website · Docs · Discord · HuggingFace

Y Combinator GitHub stars MIT License

An open-source SDK for AI agent safety. Block prompt injections, redact PII and secrets, scan repositories for threats, and run red team scenarios against your agent.

Features

Guard

Detect and block prompt injections, malicious instructions, and unsafe tool calls at runtime.

TypeScript:

import { createClient } from "safety-agent";

const client = createClient();

const result = await client.guard({
  input: userMessage
});

if (result.classification === "block") {
  console.log("Blocked:", result.violation_types);
}

Python:

from safety_agent import create_client

client = create_client()

result = await client.guard(input=user_message)

if result.classification == "block":
    print("Blocked:", result.violation_types)

Redact

Remove PII, PHI, and secrets from text automatically.

TypeScript:

const result = await client.redact({
  input: "My email is john@example.com and SSN is 123-45-6789",
  model: "openai/gpt-4o-mini"
});

console.log(result.redacted);
// "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Python:

result = await client.redact(
    input="My email is john@example.com and SSN is 123-45-6789",
    model="openai/gpt-4o-mini"
)

print(result.redacted)
# "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Scan

Analyze repositories for AI agent-targeted attacks such as repo poisoning and malicious instructions.

TypeScript:

const result = await client.scan({
  repo: "https://github.com/user/repo"
});

console.log(result.result);  // Security report
console.log(`Cost: $${result.usage.cost.toFixed(4)}`);

Python:

result = await client.scan(repo="https://github.com/user/repo")

print(result.result)  # Security report
print(f"Cost: ${result.usage.cost:.4f}")

FAQ

Q: Is Superagent open source? A: Yes—repo is MIT-licensed per GitHub license metadata.

Q: How do I install it? A: README shows npm install safety-agent (and uv add safety-agent for Python).

Q: What does it do? A: Guard against prompt injection, redact secrets/PII, and scan repos for threats (per README).

🙏

Source et remerciements

Source: https://github.com/superagent-ai/superagent > License: MIT > GitHub stars: 6,594 · forks: 962

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

Defender — Prompt Injection Guardrails for Agents

Defender is an OSS library to detect and neutralize prompt injection in tool outputs; verified 97★ and bundles a ~22MB ONNX model.

Prompts
Prompt Lab

Spikee — Prompt Injection Eval Kit (CLI)

ReversecLabs/spikee is a modular CLI for prompt injection/jailbreak evals; verified 184★ and documents `spikee generate` → `spikee test`.

PromptsCLI Tools
Script Depot

SafeLLMPlayground — Prompt Injection Text-Adventure

Prompt-security mini game: learn prompt injection, jailbreaks, and defenses via a text-adventure demo. Verified 240★; pushed 2026-05-11.

Prompts
AI Open Source

Anamorpher — Image-Scaling Prompt Injection Lab

trailofbits/anamorpher crafts image-scaling attacks for multimodal prompt injection; verified 1,049★ with a uv backend and browser frontend workflow.

Prompts
Script Depot
Accueil🔍Rechercher👤Moi