reyracom

reyracom / Nifra-Agent

Public

AI exploit simulation and continuous security pipeline for LLM apps and AI agents

11
3
100% credibility
Found Mar 17, 2026 at 11 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

NIfra automatically scans AI applications for security vulnerabilities like prompt injection and tool abuse, simulates exploits, and provides fix suggestions.

How It Works

1
🔍 Discover NIfra

While building your smart AI helper, you learn about a friendly security checker that spots hidden dangers in AI apps before they cause trouble.

2
📥 Set it up easily

Grab the tool and get it ready on your computer in moments, no hassle needed.

3
📂 Point it at your app

Tell it where your AI project lives, and it starts exploring your code like a careful friend.

4
🛡️ See the dangers revealed

Watch as it maps out weak spots, explains why they're risky, and even simulates safe attacks to show real threats.

5
📊 Get your security report

Receive a clear summary with pictures of the problems, step-by-step fixes, and confidence scores so you know what's serious.

6
🔧 Fix and test safely

Follow simple suggestions to patch issues, then test vulnerabilities in a safe playground to confirm they're gone.

Your AI is secure

Breathe easy knowing your app is protected from attacks, ready to help users without worries.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 11 to 11 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is Nifra-Agent?

Nifra-Agent is a Python security tool for scanning LLM apps and AI agents, simulating exploits like prompt injection, tool abuse, and data exfiltration in a continuous pipeline. It maps attack surfaces from code, reasons over potential chains with AI, and outputs reports with repro steps and fixes—install via pip, run `nifra scan` on your repo. Like eternalblue exploit github for traditional apps, it targets agent and LLM-specific risks such as RAG poisoning or supply-chain tampering.

Why is it gaining traction?

It stands out with zero-config CI/CD integration via GitHub Actions, covering OWASP LLM Top 10 through extensible YAML attack cases anyone can add—no red team expertise needed. Developers get reproducible exploits (`nifra reproduce`), auto-fixes (`nifra fix`), and SARIF output for security tabs, unlike runtime-only tools like Garak. The exploit simulation feels like vsftpd 2.3.4 exploit github but automated for nextcloud exploit github-style AI pipelines.

Who should use this?

Teams building LangChain or LlamaIndex agents and RAG apps, needing continuous security checks on every PR. Security engineers auditing production LLM pipelines for excessive agency or tool SSRF. Python devs exploiting GitHub Actions for infinite storage-free vuln hunting in AI systems.

Verdict

Early alpha with 11 stars and 1.0% credibility score, but 94% test coverage and playground vulns make it solid for testing. Grab it if securing agents is your bottleneck—mature enough for CI, raw for enterprise.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.