Securing the AI Agent: A Unified Framework for Multi-Layer Agent Red Teaming
Summary
AI-Infra-Guard is an open-source framework for multi-layer red teaming of AI agents, covering infrastructure, protocol, behavior, and model layers with diverse detection paradigms.
View Cached Full Text
Cached at: 07/06/26, 06:35 AM
Paper page - Securing the AI Agent: A Unified Framework for Multi-Layer Agent Red Teaming
Source: https://huggingface.co/papers/2606.31227
Abstract
AI-Infra-Guard is an open-source framework that addresses AI infrastructure security through layered detection paradigms spanning infrastructure, protocol, agent behavior, and model layers.
The fast growth of open-source AI infrastructure, from model serving engines and agent platforms to theModel Context Protocol(MCP) ecosystem and the language models themselves, has outpaced the security tooling available to defend it. We present AI-Infra-Guard, an open-source framework that organizesAI red teamingaround a single observation: the attack surface of an AI agent is stratified across layers (infrastructure, protocol/tool, agent behavior, and model), and no single detection paradigm fits all of them. The framework therefore matches a paradigm to each layer, from deterministic rule matching over 75+ AI components and 1{,}400+ vulnerability rules, throughLLM-driven agentic auditingof MCP servers and agent-skill packages and multi-turnblack-box agent red teaming, to ajailbreak harnesswith 26+ attack operators over sixteen datasets. To our knowledge it is the only open-source framework to span all of these, includingsupply-chain auditingof the agent skills that increasingly extend AI agents. We release AI-Infra-Guard as open source so thatlayer-paradigm matchingcan serve as a practical foundation for agent security and a shared base for the community to build on.
View arXiv pageView PDFAdd to collection
Get this paper in your agent:
hf papers read 2606\.31227
Don’t have the latest CLI?curl \-LsSf https://hf\.co/cli/install\.sh \| bash
Models citing this paper0
No model linking this paper
Cite arxiv.org/abs/2606.31227 in a model README.md to link it from this page.
Datasets citing this paper0
No dataset linking this paper
Cite arxiv.org/abs/2606.31227 in a dataset README.md to link it from this page.
Spaces citing this paper0
No Space linking this paper
Cite arxiv.org/abs/2606.31227 in a Space README.md to link it from this page.
Collections including this paper0
No Collection including this paper
Add this paper to acollectionto link it from this page.
Similar Articles
Securing the future of AI agents
DeepMind introduces an AI Control Roadmap, a defense-in-depth framework for securing internal AI agents against potential misalignment, treating them as insider threats and implementing layered detection, prevention, and response measures.
@0x0SojalSec: Awesome AI Security : Everyone’s racing to deploy AI agents, Almost few peoples is securing them properly. this repo co…
A curated GitHub repository aggregating frameworks, tools, attack matrices, red team guides, policy templates, datasets, and research for securing AI systems, covering topics like prompt injection, jailbreaking, and OWASP/NIST standards.
Security on the path to AGI
OpenAI outlines comprehensive security measures on the path to AGI, including AI-powered cyber defense, continuous adversarial red teaming with SpecterOps, and security frameworks for emerging AI agents like Operator. The company emphasizes proactive threat detection, industry collaboration, and security integration into infrastructure and models.
AI agent management tools by governance layer not by feature list
An analysis highlighting that most enterprise AI agent security investments focus on model layer guardrails and observability, leaving critical gaps at the access and protocol layers. Citing a 2026 report, 75% of enterprise AI agents remain unsecured due to near-zero coverage in these layers.
Advancing red teaming with people and AI
OpenAI publishes a white paper detailing their approach to external red teaming for AI models, outlining methods for selecting diverse red team members, determining model access levels, providing testing infrastructure, and synthesizing feedback to improve AI safety and policy coverage.