What is Superagent SDK — Guardrails Against Prompt Injection?

Superagent SDK helps protect AI apps: detect prompt injections, redact PII/secrets, scan repos for poisoning, and integrate via TS/Python, CLI, or MCP.

Is Superagent SDK — Guardrails Against Prompt Injection free to use?

Yes. Superagent SDK — Guardrails Against Prompt Injection is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install Superagent SDK — Guardrails Against Prompt Injection?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

简介

Superagent SDK 是开源的 agent 安全工具箱：用于防提示词注入、PII/密钥脱敏，以及仓库威胁扫描。它提供 TS/Python SDK 与 CLI，GitHub 已验证 6,594★。

最适合： 需要在运行时检测提示词注入、并对 PII/密钥脱敏的 agent 应用/平台

适配： TypeScript/Python SDK；可选 CLI；可通过 MCP 与 Claude 工具链集成（见仓库文档）

配置时间： 10–25 分钟

关键事实（已验证）

README 列出核心能力：Guard（注入检测）、Redact（脱敏）、Scan（仓库扫描）。
README 给出 npm install safety-agent 与 SUPERAGENT_API_KEY 环境变量。
README 提到可用开源权重模型在 50–100ms 延迟范围内运行（README 自述）。
GitHub：6,594 stars · 962 forks；最近更新 2026-04-11（GitHub API 验证）。

正文

把安全护栏像可观测性一样接入：

对每条用户输入、以及每次工具调用指令都跑 Guard。
在日志/存档前先 Redact，避免把 PII/密钥写入系统。
对 agent 可读取的仓库，把 Scan 放进 CI，提前发现投毒/恶意指令模式。

建议先以“只报告不拦截”的方式上线，观察误报率后再逐步开启阻断策略。

README 原文节选（verbatim）

Superagent SDK

Make your AI apps safe.

Website · Docs · Discord · HuggingFace

An open-source SDK for AI agent safety. Block prompt injections, redact PII and secrets, scan repositories for threats, and run red team scenarios against your agent.

Features

Guard

Detect and block prompt injections, malicious instructions, and unsafe tool calls at runtime.

TypeScript:

import { createClient } from "safety-agent";

const client = createClient();

const result = await client.guard({
  input: userMessage
});

if (result.classification === "block") {
  console.log("Blocked:", result.violation_types);
}

Python:

from safety_agent import create_client

client = create_client()

result = await client.guard(input=user_message)

if result.classification == "block":
    print("Blocked:", result.violation_types)

Redact

Remove PII, PHI, and secrets from text automatically.

TypeScript:

const result = await client.redact({
  input: "My email is john@example.com and SSN is 123-45-6789",
  model: "openai/gpt-4o-mini"
});

console.log(result.redacted);
// "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Python:

result = await client.redact(
    input="My email is john@example.com and SSN is 123-45-6789",
    model="openai/gpt-4o-mini"
)

print(result.redacted)
# "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"

Scan

Analyze repositories for AI agent-targeted attacks such as repo poisoning and malicious instructions.

TypeScript:

const result = await client.scan({
  repo: "https://github.com/user/repo"
});

console.log(result.result);  // Security report
console.log(`Cost: $${result.usage.cost.toFixed(4)}`);

Python:

result = await client.scan(repo="https://github.com/user/repo")

print(result.result)  # Security report
print(f"Cost: ${result.usage.cost:.4f}")

FAQ

Superagent 是开源的吗？ 答：是：GitHub 许可证信息显示为 MIT。

怎么安装？ 答：README 给出 npm install safety-agent（Python 也有 uv add safety-agent）。

主要做什么？ 答：按 README：注入检测、脱敏、仓库威胁扫描等安全能力。

Superagent SDK — Guardrails Against Prompt Injection

这个资产可以被 Agent 直接读取和安装

简介

关键事实（已验证）

正文

README 原文节选（verbatim）

Superagent SDK

Features

Guard

Redact

Scan

FAQ

来源与感谢

讨论

相关资产

Defender — Prompt Injection Guardrails for Agents

Spikee — Prompt Injection Eval Kit (CLI)

SafeLLMPlayground — Prompt Injection Text-Adventure

Anamorpher — Image-Scaling Prompt Injection Lab