Cette page est affichée en anglais. Une traduction française est en cours.
WorkflowsMay 12, 2026·2 min de lecture

Tracecat — Agentic Security Automation

Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

Agent Toolkit
Agent Toolkit · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Native · 94/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Cli
Installation
Manual
Confiance
Confiance : Established
Point d'entrée
docker compose -f docker-compose.local.yml up
Commande CLI universelle
npx tokrepo install 8fd01781-6354-57c3-b940-16170d3816b4
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

  • Best for: Security engineering, SOC automation, and agent-driven playbooks
  • Works with: Docker Compose; Temporal; PostgreSQL; integrates with MCP servers (per README)
  • Setup time: 30–90 minutes

Practical Notes

  • GitHub: 3,598 stars · 359 forks; pushed 2026-05-12 (verified via GitHub API).
  • Repo includes docker-compose.dev.yml + docker-compose.local.yml and a justfile wrapper for common workflows.
  • Per README: sandboxed-by-default with nsjail and durable workflows on Temporal.

Main

A practical adoption path:

  1. Start with one playbook. Pick a repeatable task (phishing triage, IOC enrichment, alert dedupe) and model it as a workflow.
  2. Gate “risky tools.” Put human approval in front of actions that touch production systems or customer data.
  3. Version your scripts. Use the code-native registry idea: keep custom Python tools in Git and sync them into Tracecat.
  4. Treat MCP servers as dependencies. Prefer a small, curated set of MCP servers and pin their configs for reproducibility.

If you run this on developer laptops, keep secrets in env vars and rotate them often; for production, use a dedicated environment and audited credentials.

FAQ

Q: Do I need Kubernetes? A: No. The repo ships multiple Docker Compose files; Kubernetes is optional for production scaling.

Q: Can it run untrusted code safely? A: README says it uses nsjail sandboxes by default; still treat inputs as untrusted and apply least privilege.

Q: How do agents interact with it? A: Per README: you can build prompt-to-automations from your own agent harness, and tools can integrate with MCP servers.

🙏

Source et remerciements

Source: https://github.com/TracecatHQ/tracecat > License: AGPL-3.0 > GitHub stars: 3,598 · forks: 359

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

Osmedeus — Security Orchestration Engine

Osmedeus is a security orchestration engine with a CLI and workflows for recon and asset inventory—use only on systems you own or are authorized to test.

Workflows
Agent Toolkit

agent-audit — Security Linter for LLM Agents

Run a static security scanner for LLM agents: 53 OWASP Agentic Top 10 rules, prompt-injection checks, and MCP config auditing via agent-audit scan.

CLI Tools
Agent Toolkit

Agentic SOC Platform — LLM-Powered Security Operations

Agentic SOC Platform is an open-source, agent-centric SOC with modules, playbooks, and an incident response UI for local deployment and data control.

Scripts
AI Open Source

Agentic Security — LLM/MCP Red-Team Scanner

Agentic Security is a Python tool to probe LLM apps with attack prompts and run scans; it also ships an MCP server entrypoint for tool-based workflows.

Scripts
Agent Toolkit
Accueil🔍Rechercher👤Moi