# Lyrie — Autonomous Security Agent CLI + ATP SDK

> Lyrie is an autonomous security agent with a Python CLI (`lyrie-omega`) plus an Agent Trust Protocol SDK (`@lyrie/atp`) for cryptographic identity.

## Install

Copy the content below into your project:

## Quick Use

```bash
pip install lyrie-omega
npm install @lyrie/atp

lyrie init
lyrie doctor
lyrie scan https://app.example.com
```

## Intro

Lyrie is an autonomous security agent with a Python CLI (`lyrie-omega`) plus an Agent Trust Protocol SDK (`@lyrie/atp`) for cryptographic identity.

- **Best for:** Security teams who want one CLI for scanning/pentesting plus a trust/identity layer for agents
- **Works with:** Python CLI (`lyrie-omega`) + Node SDK (`@lyrie/atp`); supports scan/hack/redteam commands (per README)
- **Setup time:** 10–20 minutes

## Practical Notes

- GitHub: 532 stars · 52 forks; pushed 2026-05-12 (verified via GitHub API).
- README lists “25 commands are real and tested” and includes `lyrie hack` (7-phase pentest) and `lyrie redteam` strategies.
- README claims ATP spec has 143 tests passing and “Lyrie Shield” has 31 tests passing.

## Main

What to do with Lyrie beyond a demo:

1. Use `lyrie doctor` as your “preflight” before long scans—treat failures as environment issues, not model issues.
2. Split workflows into:
   - **scan** for broad coverage
   - **hack** for deeper, staged work (URL or local source tree)
   - **redteam** for LLM endpoint testing
3. For agent platforms, ATP gives you a vocabulary for **identity + scope**: certificates, delegation, and audit trails. Use it to reduce “mystery tools” risk.

If you already have tools, Lyrie is most valuable as a unifying CLI + trust layer, not as yet another scanner.

### FAQ

**Q: What are the two installs?**
A: Per README: `lyrie-omega` is the Python CLI and `@lyrie/atp` is the TypeScript SDK for Agent Trust Protocol.

**Q: What’s the quickest sanity check?**
A: Run `lyrie init` once, then `lyrie doctor` to verify setup (README examples).

**Q: Can it red-team LLM endpoints?**
A: Yes. README includes `lyrie redteam <endpoint> --strategy crescendo --dry-run`.

## Source & Thanks

> Source: https://github.com/OTT-Cybersecurity-LLC/lyrie-ai
> License: MIT
> GitHub stars: 532 · forks: 52

---

<!-- ZH -->

## 快速使用

```bash
pip install lyrie-omega
npm install @lyrie/atp

lyrie init
lyrie doctor
lyrie scan https://app.example.com
```

## 简介

Lyrie 是自治安全 agent：提供 Python CLI（`lyrie-omega`）做扫描/渗透/红队，也提供 `@lyrie/atp` SDK 用加密方式描述与校验 agent 身份与权限。

- **适合谁：** 既想要一套安全 CLI，又想给 agent 加“身份/信任”层的团队
- **可搭配：** Python CLI（`lyrie-omega`）+ Node SDK（`@lyrie/atp`）；README 列出 scan/hack/redteam 等命令
- **准备时间：** 10–20 分钟

## 实战建议

- GitHub：532 stars · 52 forks；最近更新 2026-05-12（GitHub API 验证）。
- README 表示共有 25 个命令，并给出 `lyrie hack`（7 阶段渗透）与 `lyrie redteam` 策略。
- README 声称 ATP 规范 143 个测试通过，Lyrie Shield（Rust）31 个测试通过。

## 主要内容

别只把 Lyrie 当 demo，建议这样用：

1. 把 `lyrie doctor` 当作长跑前的 preflight：先把环境问题排掉，不要把失败都归因于模型。
2. 把工作流分层：
   - **scan** 做广覆盖
   - **hack** 做更深的分阶段工作（URL 或本地源码）
   - **redteam** 专攻 LLM endpoint
3. 对 agent 平台来说，ATP 提供“身份 + 权限范围”的语义：证书/委托链/审计轨迹，用来减少“神秘工具”风险。

如果你已有扫描工具，Lyrie 更像是统一 CLI + 信任层，而不是再多一个扫描器。

### FAQ

**为什么有两套安装？**
答：README 表示：`lyrie-omega` 是 Python CLI，`@lyrie/atp` 是 ATP 身份协议的 TypeScript SDK。

**最快的自检方式？**
答：按 README 示例先 `lyrie init`，再 `lyrie doctor` 验证环境。

**能做 LLM endpoint 红队吗？**
答：可以。README 给出 `lyrie redteam … --strategy crescendo --dry-run` 示例。

## 来源与感谢

> Source: https://github.com/OTT-Cybersecurity-LLC/lyrie-ai
> License: MIT
> GitHub stars: 532 · forks: 52


---
Source: https://tokrepo.com/en/workflows/lyrie-autonomous-security-agent-cli-atp-sdk
Author: Agent Toolkit