Skip to content

yuvraj49d/agentarmor

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

24 Commits
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 

Repository files navigation

๐Ÿ›ก๏ธ AgentArmor

Enterprise-grade LLM Security Benchmarking Framework

Benchmark โ€ข Evaluate โ€ข Compare โ€ข Secure Large Language Models

Python FastAPI Streamlit Docker License Status


Overview

AgentArmor is an extensible AI security benchmarking framework designed to evaluate Large Language Models (LLMs) against real-world adversarial attacks, safety risks, reliability concerns, and enterprise security requirements.

The framework enables AI engineers, researchers, and organizations to benchmark multiple LLM providers using a unified evaluation pipeline, standardized attack suites, automated scoring metrics, and enterprise-ready reporting.

Unlike traditional LLM evaluation tools that primarily focus on model quality, AgentArmor emphasizes security-first evaluation, helping teams identify vulnerabilities before deploying AI systems into production.

Supported deployment environments include both cloud-hosted foundation models and locally deployed models through Ollama.


๐Ÿš€ Project Highlights

  • ๐Ÿ›ก๏ธ Security-focused LLM benchmarking framework
  • ๐Ÿค– Supports multiple LLM providers
  • โš™๏ธ Modular plugin architecture
  • ๐Ÿ“Š Automated evaluation metrics
  • ๐Ÿ“‘ Multi-format report generation
  • ๐ŸŒ REST API with FastAPI
  • ๐Ÿ“ˆ Interactive Streamlit dashboard
  • ๐Ÿณ Docker & Docker Compose support
  • ๐Ÿงช Comprehensive pytest test suite

Table of Contents

  • Overview
  • Features
  • Architecture
  • Installation
  • Configuration
  • Usage
  • Reports
  • API
  • Dashboard
  • Docker
  • Extending
  • Roadmap
  • Contributing
  • License

Why AgentArmor?

As organizations increasingly integrate Large Language Models into production systems, evaluating models solely on accuracy is no longer sufficient.

Enterprise AI applications must also demonstrate resilience against:

  • Prompt Injection
  • Jailbreak Attempts
  • System Prompt Leakage
  • Harmful Content Generation
  • Data Leakage
  • Bias
  • Role Override Attacks

AgentArmor provides a unified framework that benchmarks multiple LLM providers using identical attack suites and evaluation metrics, making security comparisons consistent, reproducible, and extensible.

The framework follows a modular plugin architecture, allowing developers to introduce new providers, attack suites, evaluators, and reporting formats without modifying the core benchmarking pipeline.


Key Features

Enterprise Security Benchmarking

Evaluate Large Language Models against realistic adversarial attacks commonly encountered in production AI systems.


Multi-Provider Support

Benchmark multiple LLM providers through a common interface.

Supported providers include:

  • Google Gemini
  • OpenAI
  • Anthropic Claude
  • Ollama
  • Dummy Provider

Comprehensive Attack Library

Built-in security attack suites include:

  • Prompt Injection
  • Jailbreak
  • System Prompt Leakage
  • Harmful Content
  • Data Leakage
  • Bias
  • Role Override

Each attack suite uses curated datasets to evaluate model robustness.


Automated Evaluation

Every benchmark execution produces multiple evaluation metrics including:

  • Security Score
  • Accuracy
  • Relevance
  • Hallucination Detection
  • Latency

Enterprise Reporting

Automatically generate benchmark reports in multiple formats:

  • JSON
  • Markdown
  • HTML
  • CSV

These reports can be integrated into CI/CD pipelines, dashboards, and internal security reviews.


REST API

Expose benchmarking capabilities through FastAPI, enabling integration with external applications and automation pipelines.


Interactive Dashboard

Visualize benchmark results using Streamlit with an interactive dashboard for comparing providers, reviewing scores, and analyzing reports.


Docker Support

Deploy the complete benchmarking framework using Docker and Docker Compose for reproducible environments.


Plugin-Based Architecture

The framework is intentionally modular.

Developers can extend AgentArmor by adding:

  • New LLM Providers
  • New Attack Suites
  • New Evaluation Metrics
  • New Report Writers

without changing the benchmarking pipeline.


Supported LLM Providers

Provider Status
Dummy Provider โœ…
Google Gemini โœ…
OpenAI โœ…
Anthropic Claude โœ…
Ollama โœ…

Supported Attack Suites

Attack Suite Description
Prompt Injection Evaluates resistance against malicious prompt injection attempts.
Jailbreak Tests whether model safety mechanisms can be bypassed.
System Prompt Leakage Detects disclosure of hidden system instructions.
Harmful Content Evaluates responses to unsafe or dangerous requests.
Data Leakage Tests protection against disclosure of confidential information.
Bias Evaluates model responses for discriminatory or biased behavior.
Role Override Measures resistance against attempts to manipulate the model's intended role.

Evaluation Metrics

Each benchmark execution produces standardized metrics for security, quality, and performance.

Metric Description
Security Measures resistance against adversarial attacks.
Accuracy Evaluates correctness of model responses.
Relevance Measures semantic similarity between prompts and responses.
Hallucination Detects fabricated or unsupported information.
Latency Measures response generation time.

Report Formats

AgentArmor automatically generates benchmark reports in multiple formats.

Format Purpose
JSON Machine-readable benchmark output
Markdown Human-readable documentation
HTML Interactive benchmark reports
CSV Spreadsheet analysis and reporting

Technology Stack

Category Technologies
Programming Language Python
API FastAPI
Dashboard Streamlit
AI Providers OpenAI, Gemini, Anthropic, Ollama
Embeddings Sentence Transformers
Containerization Docker, Docker Compose
Testing Pytest
CI/CD GitHub Actions
Reporting HTML, JSON, CSV, Markdown
Configuration YAML, Environment Variables

๐Ÿ—๏ธ Architecture

AgentArmor follows a modular, plugin-based architecture that separates providers, attack suites, evaluation metrics, and reporting into independent components.

This design enables developers to easily extend the framework by adding new providers, attacks, evaluators, or report formats without modifying the core benchmarking pipeline.

Architecture Diagram

Architecture


๐Ÿ“ Project Structure

agentarmor/
โ”‚
โ”œโ”€โ”€ agents/                 # Agent implementations
โ”œโ”€โ”€ api/                    # FastAPI application
โ”œโ”€โ”€ attacks/                # Security attack suites
โ”œโ”€โ”€ clients/                # Provider API clients
โ”œโ”€โ”€ config/                 # Configuration loader & settings
โ”œโ”€โ”€ datasets/               # Attack datasets
โ”œโ”€โ”€ docs/                   # Project documentation
โ”œโ”€โ”€ evaluators/             # Evaluation metrics
โ”œโ”€โ”€ metrics/                # Metric implementations
โ”œโ”€โ”€ models/                 # Shared data models
โ”œโ”€โ”€ pipeline/               # Benchmark execution pipeline
โ”œโ”€โ”€ plugins/                # Provider & attack registry
โ”œโ”€โ”€ providers/              # LLM provider implementations
โ”œโ”€โ”€ reports/                # Generated benchmark reports
โ”‚   โ””โ”€โ”€ writers/            # HTML, JSON, CSV & Markdown writers
โ”œโ”€โ”€ runners/                # Benchmark runners
โ”œโ”€โ”€ scripts/                # Utility scripts
โ”œโ”€โ”€ services/               # Security scorecard services
โ”œโ”€โ”€ templates/              # HTML templates
โ”œโ”€โ”€ tests/                  # Unit tests
โ”‚
โ”œโ”€โ”€ dashboard.py            # Streamlit dashboard
โ”œโ”€โ”€ main.py                 # CLI entry point
โ”œโ”€โ”€ docker-compose.yml
โ”œโ”€โ”€ Dockerfile
โ”œโ”€โ”€ requirements.txt
โ””โ”€โ”€ README.md

โš™๏ธ Installation

Clone the Repository

git clone https://github.com/<your-username>/agentarmor.git

cd agentarmor

Create a Virtual Environment

Windows

python -m venv .venv

.venv\Scripts\activate

Linux / macOS

python3 -m venv .venv

source .venv/bin/activate

Install Dependencies

pip install --upgrade pip

pip install -r requirements.txt

๐Ÿ”‘ Configuration

Create a .env file in the project root.

Example:

#########################################
# Google Gemini
#########################################

GEMINI_API_KEY=your_gemini_api_key

DEFAULT_MODEL=gemini-2.5-flash

#########################################
# OpenAI
#########################################

OPENAI_API_KEY=your_openai_api_key

OPENAI_MODEL=gpt-4o-mini

#########################################
# Anthropic
#########################################

ANTHROPIC_API_KEY=your_anthropic_api_key

ANTHROPIC_MODEL=claude-3-5-haiku-latest

#########################################
# Ollama
#########################################

OLLAMA_BASE_URL=http://localhost:11434

OLLAMA_MODEL=llama3.2:3b

๐Ÿ“ฆ Installing Ollama

If you want to benchmark local models without cloud APIs:

Install Ollama

https://ollama.com

Download a lightweight model:

ollama pull llama3.2:3b

Verify installation:

ollama list

Run the server:

ollama serve

๐Ÿš€ Running AgentArmor

Run the complete benchmark suite.

python main.py

Example output:

Benchmarking Provider: Google Gemini

Running attack suite: Prompt Injection

Running attack suite: Jailbreak

Running attack suite: Harmful Content

Running attack suite: Data Leakage

Running attack suite: Bias

Running attack suite: Role Override

Generating reports...

Benchmark Complete

๐Ÿงช Running Unit Tests

Execute the full test suite.

pytest

Run a specific test:

pytest tests/test_prompt_injection.py

Generate verbose output:

pytest -v

๐ŸŒ FastAPI

Swagger API

Swagger

Launch the REST API.

uvicorn api.app:app --reload

Default URL

http://127.0.0.1:8000

Swagger UI

http://127.0.0.1:8000/docs

ReDoc

http://127.0.0.1:8000/redoc

๐Ÿ“ˆ Streamlit Dashboard

Dashboard Preview

Dashboard

Launch the interactive dashboard.

streamlit run dashboard.py

Default URL

http://localhost:8501

The dashboard provides:

  • Provider comparison
  • Security scorecards
  • Benchmark summaries
  • Generated reports
  • Interactive visualizations

๐Ÿณ Docker

Build the project.

docker compose build

Run the services.

docker compose up

Run in detached mode.

docker compose up -d

Stop the containers.

docker compose down

โšก Supported Execution Modes

AgentArmor supports multiple ways to execute benchmarks.

Mode Description
CLI Run using python main.py
FastAPI REST API for automation and integrations
Streamlit Interactive dashboard for visual benchmarking
Docker Containerized deployment
GitHub Actions Continuous Integration

๐Ÿ“Œ Configuration Files

File Purpose
.env API keys and provider configuration
config/config.yaml Providers, attacks, and benchmark settings
requirements.txt Python dependencies
docker-compose.yml Multi-container deployment
Dockerfile Container image definition

๐Ÿ“Š Benchmark Reports

After each benchmark execution, AgentArmor automatically generates reports in multiple formats for analysis, auditing, and integration into enterprise workflows.

Generated reports are stored in the reports/ directory.

reports/
โ”œโ”€โ”€ benchmark_report.csv
โ”œโ”€โ”€ benchmark_report.md
โ”œโ”€โ”€ latest_report.json
โ”œโ”€โ”€ report.html
โ””โ”€โ”€ report.md

Supported formats include:

Format Description
JSON Machine-readable output for automation and integrations
Markdown Human-readable benchmark summary
HTML Interactive report suitable for sharing
CSV Spreadsheet-friendly report for analysis

๐Ÿ“„ Sample Benchmark Output

CLI Benchmark

CLI

Example CLI execution:

Benchmarking Provider: Google Gemini

Running attack suite: Prompt Injection

Running attack suite: Jailbreak

Running attack suite: System Prompt Leakage

Running attack suite: Harmful Content

Running attack suite: Data Leakage

Running attack suite: Bias

Running attack suite: Role Override

============================================================
          AGENTARMOR SECURITY SCORECARD
============================================================

Provider : Google Gemini

Attack                            Score     Status

------------------------------------------------------------

Prompt Injection                  92.0      PASS

Jailbreak                         89.0      PASS

System Prompt Leakage             96.0      PASS

Harmful Content                   94.0      PASS

Data Leakage                      97.0      PASS

Bias                              90.0      PASS

Role Override                     93.0      PASS

------------------------------------------------------------

Overall Score : 93.0

Risk Level    : LOW

๐Ÿ“ˆ Provider Leaderboard

When benchmarking multiple providers, AgentArmor automatically generates a ranked leaderboard.

Example:

Rank Provider Overall Score Risk
1 Ollama 97.14 LOW
2 Google Gemini 93.20 LOW
3 OpenAI 92.70 LOW
4 Anthropic Claude 91.90 LOW
5 Dummy Provider 64.00 HIGH

๐Ÿ”Œ Extending AgentArmor

AgentArmor is designed using a plugin-based architecture that makes it easy to introduce new providers, attack suites, evaluation metrics, and report writers.


Adding a New Provider

  1. Create a provider inside the providers/ directory.

  2. Inherit from BaseProvider.

  3. Implement:

    • get_name()
    • generate()
  4. Register the provider in PluginRegistry.

  5. Add the provider to config/config.yaml.


Adding a New Attack Suite

  1. Create a new attack class inside attacks/.
  2. Inherit from BaseAttack.
  3. Create a corresponding dataset inside datasets/.
  4. Register the attack in PluginRegistry.
  5. Update the configuration file.

Adding a New Evaluator

  1. Create a new evaluator inside evaluators/.
  2. Inherit from BaseEvaluator.
  3. Implement the evaluate() method.
  4. Register the evaluator in the evaluation engine.

Adding a New Report Writer

  1. Create a writer inside reports/writers/.
  2. Implement a write() method.
  3. Register it in ReportGenerator.

๐ŸŒ REST API

AgentArmor exposes benchmark functionality through FastAPI.

Example endpoint:

POST /benchmark

Example request:

{
  "provider": "gemini",
  "attack_suite": "prompt_injection"
}

Example response:

{
  "provider": "Google Gemini",
  "overall_score": 93.2,
  "risk": "LOW",
  "results": [
    {
      "attack": "Prompt Injection",
      "score": 92,
      "passed": true
    }
  ]
}

๐Ÿงฉ Plugin Architecture

AgentArmor follows a modular plugin architecture.

Each component has a clearly defined responsibility.

BaseProvider
โ”‚
โ”œโ”€โ”€ DummyProvider
โ”œโ”€โ”€ GeminiProvider
โ”œโ”€โ”€ OpenAIProvider
โ”œโ”€โ”€ AnthropicProvider
โ””โ”€โ”€ OllamaProvider


BaseAttack
โ”‚
โ”œโ”€โ”€ PromptInjectionAttack
โ”œโ”€โ”€ JailbreakAttack
โ”œโ”€โ”€ SystemPromptLeakageAttack
โ”œโ”€โ”€ HarmfulContentAttack
โ”œโ”€โ”€ DataLeakageAttack
โ”œโ”€โ”€ BiasAttack
โ””โ”€โ”€ RoleOverrideAttack


BaseEvaluator
โ”‚
โ”œโ”€โ”€ SecurityEvaluator
โ”œโ”€โ”€ AccuracyEvaluator
โ”œโ”€โ”€ RelevanceEvaluator
โ”œโ”€โ”€ HallucinationEvaluator
โ””โ”€โ”€ LatencyEvaluator

โšก Performance Considerations

AgentArmor has been designed with extensibility and maintainability in mind.

Key design decisions include:

  • Modular plugin architecture
  • Provider abstraction layer
  • Attack dataset separation
  • Evaluation engine abstraction
  • Multiple report writers
  • Configuration-driven execution
  • Support for both cloud-hosted and local LLMs

These design choices simplify maintenance while enabling rapid integration of new providers and benchmark capabilities.


๐Ÿงช Testing

The project includes automated unit tests covering the major framework components.

Current test coverage includes:

  • Provider registration
  • Attack loading
  • Configuration loading
  • Evaluation engine
  • Security scorecards
  • Report generation
  • FastAPI endpoints
  • Multiple providers
  • Multiple attack suites

Run all tests:

pytest

Run a specific test:

pytest tests/test_provider_failure.py

๐Ÿ“š Documentation

Additional documentation is available inside the docs/ directory.

docs/
โ”œโ”€โ”€ architecture.md
โ”œโ”€โ”€ PRD.md
โ””โ”€โ”€ ROADMAP.md

These documents provide further details about the framework architecture, product requirements, and planned enhancements.


๐Ÿ—บ๏ธ Roadmap

The following roadmap outlines planned improvements for future releases of AgentArmor.

Version 1.0.0 (Current Release)

  • โœ… Multi-provider benchmarking
  • โœ… Plugin-based architecture
  • โœ… Prompt Injection testing
  • โœ… Jailbreak testing
  • โœ… System Prompt Leakage testing
  • โœ… Harmful Content evaluation
  • โœ… Data Leakage evaluation
  • โœ… Bias evaluation
  • โœ… Role Override evaluation
  • โœ… Security scorecards
  • โœ… Multi-format report generation
  • โœ… FastAPI integration
  • โœ… Streamlit dashboard
  • โœ… Docker & Docker Compose support
  • โœ… GitHub Actions CI
  • โœ… Ollama local model support

Version 1.1 (Planned)

  • ๐Ÿ”ฒ Additional LLM providers
  • ๐Ÿ”ฒ OWASP LLM Top 10 benchmark suite
  • ๐Ÿ”ฒ Custom attack dataset import
  • ๐Ÿ”ฒ Parallel benchmark execution
  • ๐Ÿ”ฒ Authentication for REST API
  • ๐Ÿ”ฒ Benchmark history and trend analysis
  • ๐Ÿ”ฒ Enhanced dashboard visualizations

Version 2.0 (Future Vision)

  • ๐Ÿ”ฒ Multi-modal model benchmarking
  • ๐Ÿ”ฒ Agent-to-agent security evaluation
  • ๐Ÿ”ฒ Automatic benchmark scheduling
  • ๐Ÿ”ฒ Kubernetes deployment
  • ๐Ÿ”ฒ MLflow integration
  • ๐Ÿ”ฒ Enterprise user management
  • ๐Ÿ”ฒ Distributed benchmark execution
  • ๐Ÿ”ฒ Benchmark comparison across model versions

๐Ÿค Contributing

Contributions are welcome and appreciated.

If you would like to contribute:

  1. Fork the repository.
  2. Create a new feature branch.
git checkout -b feature/my-feature
  1. Commit your changes.
git commit -m "Add my feature"
  1. Push your branch.
git push origin feature/my-feature
  1. Open a Pull Request.

Please ensure that:

  • New features include appropriate tests.
  • Existing tests continue to pass.
  • Code follows the project's style and architecture.
  • Documentation is updated when necessary.

๐Ÿงช Development Workflow

Before submitting changes, run the following commands:

Install dependencies

pip install -r requirements.txt

Run tests

pytest

Run the benchmark

python main.py

Start the API

uvicorn api.app:app --reload

Launch the dashboard

streamlit run dashboard.py

๐Ÿ“„ License

This project is released under the MIT License.

See the LICENSE file for complete licensing information.


๐Ÿ™ Acknowledgements

AgentArmor builds upon several outstanding open-source projects and libraries.

Special thanks to the communities behind:

  • FastAPI
  • Streamlit
  • Docker
  • Pytest
  • Sentence Transformers
  • Hugging Face
  • Ollama
  • OpenAI
  • Google Gemini
  • Anthropic

Their contributions to the AI ecosystem make projects like AgentArmor possible.


๐Ÿ“ฌ Contact

For questions, suggestions, bug reports, or feature requests:

  • Open a GitHub Issue
  • Submit a Pull Request
  • Start a GitHub Discussion

Community contributions and feedback are always welcome.


๐Ÿ”ฎ Future Enhancements

Potential future enhancements include:

  • Additional benchmark datasets
  • More provider integrations
  • Custom evaluation metrics
  • Benchmark scheduling
  • Distributed execution
  • Authentication & authorization
  • Report versioning
  • Historical benchmark tracking
  • Cloud deployment templates
  • Enterprise observability integrations

โญ Why AgentArmor?

AgentArmor was created to provide a practical, extensible framework for evaluating the security and reliability of Large Language Models in real-world scenarios.

By combining multiple providers, adversarial attack suites, automated evaluation metrics, and comprehensive reporting into a unified framework, AgentArmor enables developers and organizations to benchmark AI systems consistently and identify potential risks before production deployment.

The project emphasizes modularity, extensibility, and ease of integration, making it suitable for experimentation, enterprise evaluation workflows, and future research.


๐Ÿš€ Getting Started

Clone the repository, configure your provider credentials, and run your first benchmark in just a few commands.

git clone https://github.com/yuvraj49d/agentarmor.git

cd agentarmor

python -m venv .venv

# Windows
.venv\Scripts\activate

# Linux/macOS
source .venv/bin/activate

pip install -r requirements.txt

python main.py

Built With

  • Python
  • FastAPI
  • Streamlit
  • Docker
  • Pytest
  • Sentence Transformers
  • Hugging Face
  • Google Gemini
  • OpenAI
  • Anthropic
  • Ollama

๐ŸŒŸ Support the Project

If you find AgentArmor useful:

  • โญ Star the repository
  • ๐Ÿ› Report issues
  • ๐Ÿ’ก Suggest new features
  • ๐Ÿค Contribute improvements
  • ๐Ÿ“ข Share the project with the AI community

Your support helps improve the framework and encourages continued development.


Built with โค๏ธ for the AI Engineering Community

AgentArmor aims to make Large Language Model security benchmarking more accessible, extensible, and production-ready for developers, researchers, and organizations.

About

Enterprise-grade LLM Security Benchmarking Framework supporting multiple LLM providers, adversarial attack suites, automated evaluation metrics, FastAPI, Streamlit, Docker, and enterprise reporting.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors