radanliev/Agentic-AI-Security-Demos
GitHub: radanliev/Agentic-AI-Security-Demos
Agentic AI Security Bootcamp is a hands-on training environment focused on security analysis of AI systems.
Stars: 8 | Forks: 14
Assignments for Week 1, Week 2, Week 3 and Week 4:
Week 1:
# agentic-ai-observability-lab-
```
agentic-ai-observability-lab/
│
├── README.md
├── requirements.txt
├── app.py
│
├── src/
│   ├── agent.py
│   ├── retrieval.py
│   ├── memory.py
│   ├── observability.py
│   └── evaluation.py
│
├── notebooks/
│   └── agentic_observability_lab.ipynb
│
└── data/
    └── adversarial_prompts.json
```
# Agentic AI Observability and Adversarial Evaluation Lab
An advanced browser-based lab for analysing:
- Multi-agent observability
- Prompt injection
- Logic-layer Prompt Control Injection (LPCI)
- Adversarial evaluation toolkit
## Quick start (local)
```
pip install -r requirements.txt
streamlit run app.py
```
# Week 2: Securing AI from the Data Layer Up (Assignment)
This folder contains four tasks aligned to Week 2 of the Agentic AI Security Bootcamp:
1. **Task 1 — Attack Surface Mapping & Threat Model** (deliverable: `attack_surface-threatmodel.md`)
2. **Task 2 — Data Poisoning Simulation** (deliverable: `poisoning_simulation.py`, outputs: `poisoned_stream.jsonl`)
3. **Task 3 — Red Team: Orchestration & API Fuzzing** (deliverable: `dag_hijack_demo/` scripts and `redteam_report.md`)
4. **Task 4 — Hardening & Governance Implementation** (deliverable: `hardening_playbook.md` and a short demo notebook `hardening_demo.py`)
Requirements:
- Work in a fork or branch. Provide a short technical write-up for each task (200–500 words) and the code artifacts.
- Use the package dependencies listed in the repo `requirements.txt`. Tests should be runnable locally.
- Cite any external tools, datasets, or third-party packages used.
Submission:
- Create a PR to the course repo with a single top-level folder `homework/week-02-data-layer//`.
- Include `redteam_report.md` summarising findings, mitigations, and suggested next steps.
Reference: Week 2 syllabus and learning outcomes ([oreilly.com](https://www.oreilly.com/live-events/agentic-ai-security-bootcamp/0642572236106/)).
Tags: AI security training, AI system security, Apex, API fuzzing, GitHub Advanced Security, Kubernetes, NoSQL, PyRIT, Python development, Streamlit, TShark, XML requests, AI security, observability, compliance, multi-agent systems, threat intelligence, threat modeling, security hardening, security practice, secure development, security education, security testing, security community, adversarial evaluation, developer tools, technical tutorials, offensive security, attack surface mapping, data poisoning simulation, data-layer security, machine learning, governance implementation, red team platforms, cybersecurity, access control, reverse engineering tools, privacy protection