Awesome Agent Security 
A curated list of resources for AI agent identity, authorization, coordination, and security.
As AI agents move from demos to production, securing them becomes critical. This list covers tools, frameworks, papers, standards, and best practices for making AI agents trustworthy.
Contributions welcome! See CONTRIBUTING.md for guidelines.
Contents
Identity and Authentication
Tools and platforms for giving AI agents verifiable identities.
- Authora Identity - Cryptographic agent identities (Ed25519), RBAC, delegation chains (RFC 8693), MCP authorization, policy engines, approval workflows, audit logging. SDKs in TypeScript, Python, Rust, Go.
- Permit.io - Fine-grained authorization with agentic identity support. Intent-based identity, MCP gateway, built on OPA/OPAL.
- Oso - Authorization framework with Polar policy language. Agent Security product with scope/watch/enforce/audit.
- SPIFFE/SPIRE - Secure Production Identity Framework for Everyone. Workload identity standard applicable to agent systems.
- Sigstore - Keyless signing for software artifacts. Applicable to agent action signing.
Authorization and Policy
Frameworks for controlling what AI agents can do.
- OPA (Open Policy Agent) - General-purpose policy engine using Rego language. Widely used for infrastructure policy, adaptable for agent authorization.
- Cedar - Policy language by AWS for fine-grained authorization. Used in Amazon Verified Permissions.
- Casbin - Authorization library supporting ACL, RBAC, ABAC models. Implementations in Go, Java, Node.js, Python.
- OpenFGA - Fine-grained authorization inspired by Google Zanzibar. Good for relationship-based agent permissions.
- Cerbos - Access control with YAML policies. API-first, self-hosted.
Agent Coordination
Tools for coordinating multiple AI agents working together.
- AgentSync - File-level locking, sprint management, messaging, and coordination for AI coding agents on shared codebases.
- LangGraph - Framework for building stateful, multi-agent applications with LangChain.
- CrewAI - Framework for orchestrating autonomous AI agents with role-based task execution.
- AutoGen - Microsoft's framework for building multi-agent conversational systems.
- OpenHands - Platform for AI software development agents.
Sandboxed Execution
Secure environments for running AI agent code.
- AgentNet - Task execution marketplace with sandboxed workers, encrypted vault, Security Intelligence Platform (SIP).
- E2B - Open-source sandboxed execution using Firecracker microVMs. Code interpretation and data analysis.
- Modal - Cloud infrastructure for AI with sandboxed containers, GPU scaling, and batch processing.
- Daytona - Secure infrastructure for running AI-generated code with isolated environments.
- Fly.io Machines - Lightweight VMs for running untrusted workloads at the edge.
Security Monitoring
Detecting and responding to AI agent threats.
- Authora SIP - Security Intelligence Platform with 36 detection rules, 8 SIEM export connectors (Splunk, Datadog, PagerDuty), SOAR callback API, OCSF/CEF compliance.
- Caldera - Automated adversary emulation by MITRE. Adaptable for testing agent security.
- Falco - Cloud-native runtime security. Detects anomalous behavior in containers running agents.
- Wiz - Cloud security platform with AI workload protection.
Standards and Protocols
Standards relevant to AI agent security.
Papers and Research
Academic and industry research on AI agent security.
Incidents and Case Studies
Real-world security incidents involving AI agents.
Talks and Presentations
Books and Guides
Contributing
Contributions are welcome! Please read the contribution guidelines first.
License

This list is released under CC0. You can copy, modify, and distribute it without asking permission.