McKern3l

McKern3l / RAGdrag

Public

RAG pipeline security testing toolkit - 27 techniques across 6 kill chain phases, mapped to MITRE ATLAS

itsbroken.airagdrag ai-security cli kill-chain llm-security mitre-atlas
10
3
100% credibility
Found Mar 26, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

RAGdrag is a security assessment toolkit designed to test AI systems that retrieve and use external knowledge bases for vulnerabilities like data exfiltration and poisoning.

How It Works

1
🔍 Discover the Tool

You hear about RAGdrag, a handy kit for checking if AI chat helpers have security weak spots in how they pull info from their knowledge stash.

2
📥 Get It Ready

You grab the kit and set it up quickly on your computer, no fuss needed.

3
🎯 Aim at Your AI Chat

You tell the kit where your AI chat system lives, like pointing to a friend's house.

4
Pick Your Check
👀
Quick Fingerprint

See if it uses a knowledge retrieval system and what kind.

💎
Deep Data Pull

Try to gently tease out hidden info or credentials.

👂
Listen for Leaks

Set up a catcher to grab any spilled secrets from web fetches.

5
▶️ Run the Test

Hit go, and it quietly probes your AI chat for common weak points like data leaks or tricks.

6
📊 Review the Results

Get a clear report showing what vulnerabilities it found, with tips on risks.

Strengthen Your AI

Use the insights to patch holes, making your AI chat safer and more trustworthy.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is RAGdrag?

RAGdrag is a Python RAG pipeline security testing toolkit that implements 27 techniques across six kill chain phases—fingerprint, probe, exfiltrate, poison, hijack, evade—mapped to MITRE ATLAS. Point its CLI at any RAG GitHub example or production endpoint, like LangChain-based rag github langchain setups or rag pipeline Azure deployments, to detect vector DBs, extract KB contents, or capture leaked credentials via URL fetchers. It solves the gap in treating RAG systems as full retrieval attack surfaces, beyond basic prompt injection.

Why is it gaining traction?

Its structured kill chain and pre-built payloads for enterprise chatbots stand out from generic LLM pentest tools, offering targeted rag pipeline evaluation like DB fingerprinting and guardrail bypasses in one pip-installable package. The quick-start CLI (fingerprint -t url, exfiltrate --deep) and optional labs repo for rag pipeline explained demos hook security devs fast, no config needed. MITRE ATLAS mapping ties it to real standards, unlike scattered rag github repos.

Who should use this?

Red teamers assessing rag github open source projects or rag pipeline llm apps in customer support bots. Pentesters probing rag pipeline architecture in rag github copilot integrations or OpenWebUI/n8n flows. Defensive devs hardening their rag github python pipelines before prod.

Verdict

Alpha-stage with 10 stars and 1.0% credibility score means incomplete phases and no tests here—check the labs repo first. Solid for early RAG security audits if you validate on authorized targets; watch for maturity.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.