RedForge AI v0.1.0
First public release of RedForge AI: an evidence-first red-teaming framework for authorized LLM application, RAG, AI agent, tool-use, memory, and model supply-chain security evaluation.
Highlights
- Scoped campaign execution with explicit targets, allow-listed hosts, attack budgets, and authorization metadata.
- Replayable evidence traces covering payloads, model responses, retrieved context, tool calls, memory mutations, side effects, and evaluator reasoning.
- Local CLI workflow for running the built-in vulnerable demo agent and generating Markdown/HTML reports.
- FastAPI service mode for integrating campaign runs and report access into internal workflows.
- OpenAI-compatible target adapter for testing authorized model/application endpoints.
- Public baseline attack catalog for prompt injection, jailbreak, RAG, tool, memory, and agent security checks.
- Extensible package layout for target adapters, attack packs, reports, schemas, and plugins.
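The first two highlights (scoped execution and replayable evidence) are the part of an LLM red-team harness that most often goes wrong in practice, so here is a compact illustration of both. This is an added example, not RedForge AI's own code or API: the class names (CampaignScope, EvidenceTrace, CampaignRunner), the host names, the attack identifiers and the canary value are all constructed placeholders, and the "target" is an in-memory stand-in rather than a real endpoint.

```python
"""Scope guard plus replayable evidence trace for an authorized LLM red-team run.

Added illustration only; not RedForge AI's own code or API. Every name and
sample value below (CampaignScope, EvidenceTrace, CampaignRunner, host names,
attack ids, the canary) is constructed for the example.
"""
import hashlib
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Callable
from urllib.parse import urlparse


class ScopeError(Exception):
    """Raised when an attempt would leave the authorized scope."""


@dataclass(frozen=True)
class CampaignScope:
    campaign_id: str
    authorized_by: str             # authorization metadata, copied into every entry
    allowed_hosts: frozenset[str]  # only these hosts may receive payloads
    attack_budget: int             # hard cap on attempts for the whole campaign


@dataclass
class EvidenceTrace:
    """Append-only log; each entry is a self-contained JSON object."""
    entries: list[dict] = field(default_factory=list)

    def record(self, **fields) -> dict:
        entry = {"ts": datetime.now(timezone.utc).isoformat(), **fields}
        self.entries.append(entry)
        return entry

    def to_jsonl(self) -> str:
        return "\n".join(json.dumps(e, sort_keys=True) for e in self.entries)

    def digest(self) -> str:
        # SHA-256 over the serialized trace ties a report to exact evidence.
        return hashlib.sha256(self.to_jsonl().encode()).hexdigest()


class CampaignRunner:
    def __init__(self, scope: CampaignScope, trace: EvidenceTrace):
        self.scope = scope
        self.trace = trace
        self.attempts_used = 0

    def check_target(self, target_url: str) -> str:
        """Allow-list and budget are checked before anything is sent."""
        host = urlparse(target_url).hostname
        if host not in self.scope.allowed_hosts:
            raise ScopeError(f"host {host!r} is not in the allow-list")
        if self.attempts_used >= self.scope.attack_budget:
            raise ScopeError("attack budget exhausted")
        return host

    def run_attempt(self, target_url: str, attack_id: str, payload: str,
                    send: Callable[[str], str], canary: str) -> dict:
        host = self.check_target(target_url)  # raises -> nothing sent, nothing logged
        self.attempts_used += 1
        response = send(payload)
        leaked = canary in response
        return self.trace.record(
            campaign_id=self.scope.campaign_id,
            authorized_by=self.scope.authorized_by,
            attempt=self.attempts_used,
            target_host=host,
            attack_id=attack_id,
            payload=payload,
            response=response,
            finding=leaked,
            evaluator_reasoning=("canary string present in response"
                                 if leaked else "canary not observed"),
        )


CANARY = "CANARY-7f3a"  # constructed; stands in for a secret the target must not reveal


def demo_target(prompt: str) -> str:
    """Constructed stand-in for an LLM endpoint. It leaks the canary for one
    catalog id so the evaluator has a positive case to record."""
    if "PI-001" in prompt:
        return f"Sure. The system note says: {CANARY}"
    return "I can only help with the product FAQ."


def run_demo() -> tuple[EvidenceTrace, list[str]]:
    scope = CampaignScope("camp-0001", "sec-lead@example.test",
                          frozenset({"demo-agent.internal.test"}), attack_budget=2)
    trace = EvidenceTrace()
    runner = CampaignRunner(scope, trace)
    rejected: list[str] = []
    plan = [  # (url, attack id, payload); payload text is a placeholder
        ("https://demo-agent.internal.test/chat", "PI-001", "<catalog payload PI-001>"),
        ("https://prod-api.example.test/chat", "PI-001", "<catalog payload PI-001>"),  # out of scope
        ("https://demo-agent.internal.test/chat", "JB-004", "<catalog payload JB-004>"),
        ("https://demo-agent.internal.test/chat", "RAG-002", "<catalog payload RAG-002>"),  # over budget
    ]
    for url, attack_id, payload in plan:
        try:
            runner.run_attempt(url, attack_id, payload, demo_target, CANARY)
        except ScopeError as exc:
            rejected.append(f"{attack_id}@{urlparse(url).hostname}: {exc}")
    return trace, rejected


if __name__ == "__main__":
    trace, rejected = run_demo()
    print(trace.to_jsonl())
    print("rejected:", rejected, "digest:", trace.digest())
```

Two design points carry over to any harness of this kind: the scope check runs before the payload leaves the process, so an out-of-scope host or an exhausted budget produces no traffic and no trace entry, and every recorded entry carries the authorization metadata and the evaluator's stated reason, which is what makes a later report replayable rather than a summary someone has to trust.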
Quick Start
git clone https://github.com/Aimer-zero/redforge-ai.git
cd redforge-ai
make setup
make demo
uv run redforge doctor
open "$(uv run redforge latest-report --path-only --format html)"
Notes
RedForge AI is intended only for systems you own, operate, or have explicit authorization to test. It is not a generic web scanner, not a C2 framework, and not a claim that a system is absolutely safe.