Skillget

Adrian

mcp
Security Audit
Pass
Health Pass
  • License — License: Apache-2.0
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 39 GitHub stars
Code Pass
  • Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions Pass
  • Permissions — No dangerous permissions requested

No AI report is available for this listing yet.

SUMMARY

Runtime security monitoring and control for AI agents. Catches malicious tool use, prompt injection, and policy drift in real time, before the agent acts.

README.md

Adrian by Secure Agentics

Open-source runtime security monitoring and control for AI agents.

Licence Dashboard PyPI Discord LinkedIn

Adrian is an open-source, AARM-aligned runtime security monitoring and control engine for AI agents. It analyses both agent activity logs (tool calls, actions, outputs) and reasoning traces to detect malicious, misaligned, or out-of-remit behaviour, and optionally intervene in-flight. Python SDK with a two-line install to LangChain agents.

Documentation  •  Dashboard  •  Discord  •  LinkedIn

https://github.com/user-attachments/assets/96974b9d-4862-41ac-a499-ef5cfe76e16a

Quickstart

The fastest way to try Adrian is the managed dashboard at app.adrian.secureagentics.ai. Sign-up takes a minute and there is nothing to install beyond the SDK. To run Adrian on your own infrastructure instead, jump to Self-hosting below.

  1. Sign up at app.adrian.secureagentics.ai and generate an API key.

  2. Configure Adrian for your agent and your preferences (remit of your agent, audit vs block mode, alerting channels, accepted behaviours vs known-risks).

  3. Install the SDK:

    pip install adrian-sdk

  4. Install the LangChain provider for your agent's model (the SDK auto-instruments LangChain / LangGraph; pick whichever provider matches your model):

    pip install langgraph langchain-openai   # or langchain-anthropic, etc.

    Last verified with langchain-core==1.3.3, langgraph==1.1.2, langchain-openai==1.2.1 (2026-05-08).

  5. Wrap your LangChain agent. The whole integration is a two-line attach:

    import adrian
adrian.init(api_key="adr_live_...")

# Your LangChain / LangGraph code runs normally; every call is captured.

    Full runnable async example at examples/quickstart.py, with a demo agent you can swap for your own.

  6. Run your agent. Events appear in the dashboard within seconds, classified by severity.

Full guide: Quickstart.

Self-hosting

Adrian supports entirely offline, data sovereign deployments using just a handful of docker commands. This repository ships everything needed to run the entire Adrian stack on a single host: the Go backend (WebSocket + dashboard API + AI engine), the Next.js dashboard, the Python SDK, and a Llama.cpp container that serves a local Gemma model. No managed cloud, no telemetry leaving the box.

Hardware support: Tested on NVIDIA GPUs with Gemma 4 (E2B / E4B) which is the model the bootstrap picker downloads by default. CPU-only is technically possible but will be slow on real workloads with those sized models.

Prerequisites

  • A host with Docker + Docker Compose v2.
  • An NVIDIA GPU with recent CUDA driver and the NVIDIA Container Toolkit installed (for the bundled Llama.cpp classifier). ~10 GB free disk for the model.

Bring-up

  1. Clone:

    git clone https://github.com/secureagentics/Adrian
cd Adrian

  2. Run bootstrap. Creates data/adrian.db, applies migrations, generates a random admin password, and writes .env. With no --gguf flag, the bootstrap interactively offers to download the recommended on-device classifier (Gemma 4 E4B, ~5 GB, or E2B ~3 GB) into ./models/.

    # Default: interactive picker downloads Gemma 4 E4B / E2B
docker compose --profile setup run --rm setup bootstrap

# Already have a GGUF under ./models/? Pass it by name
docker compose --profile setup run --rm setup bootstrap \
    --gguf my-model.gguf

  3. Start the stack.

    docker compose --profile llm up -d

  4. Open the dashboard. Browse to http://localhost:3000. Sign in with admin@localhost plus the password the bootstrap printed; you'll be prompted to set a new one. Create an SDK API key and configure Adrian to monitor your specific agent from Settings → Agents → New key.

  5. Wrap your agent. The SDK lives in-tree under sdk/. Install it into a fresh .venv via the bundled Make target (uses uv):

    make sdk-install
source .venv/bin/activate

    Install the LangChain provider for your agent's model into the same venv:

    uv pip install langgraph langchain-openai   # or your chosen langchain provider

    Last verified with langchain-core==1.3.3, langgraph==1.1.2, langchain-openai==1.2.1 (2026-05-08).

    Use the same adrian.init snippet as in the Quickstart above. The SDK defaults to ws://localhost:8080/ws, so a self-hosted setup needs nothing more than the API key - drop the ws_url= line.

To reset the admin password, change the model and much more check out the dedicated Docs site.

Why Adrian is different

Most agent monitoring stops at activity logs: APIs, MCP, DB interactions, tool calls, etc. Adrian enhances this by also analysing the agent's reasoning: understanding why it took an action, under what context, and what it is planning on doing next. Research by OpenAI and DeepMind found that combining behaviour and reasoning analysis like this boosts detection accuracy by around 35% and is 4x more likely to catch nuanced attacks. Adrian is the first tool to put that into a deployable security control, and it is free, forever.

Furthermore, most tools in this space are lightweight machine learning classifiers trained to spot patterns which match their training data (usually labelled prompt injection datasets). Adrian takes a different approach: it uses world models that understand risk through reasoning like a human does. It correlates behaviours across a session, holds a working understanding of what the agent is meant to be doing, and assesses each new action against that. The detection logic is closer to a human reviewer's than to pattern matching against examples it has been trained to spot. For example, if your e-commerce agent starts resetting user passwords that isn't going to appear in any training dataset, but this is a risk you should be flagging. This is where you get the meaningful security uplift that allows you to use agentic AI with confidence, and it's exactly why we made Adrian.

Architecture

flowchart TD
    Agent[Agent runtime] --> SDK[Adrian SDK]
    SDK --> Backend[Adrian backend]
    Backend --> Classifier[Classifier model]
    Classifier --> Verdict{Verdict}
    Verdict --> Control[Control plane]
    Verdict -.->|"Alert /<br>Human Review /<br>Block"| Agent

Integrations

At launchOn roadmap
Frameworks LangChain OpenAI Agents SDK   Anthropic Agents SDK   CrewAI   OpenClaw
Alerting Discord   Slack WhatsApp   Microsoft Teams   PagerDuty

Full list: Integrations.

Contributing

See CONTRIBUTING.md for the full guide. In short: sign the CLA, branch off main, follow the PR template, and use British English / no em-dashes in prose.

See CONTRIBUTORS.md for the list of people who have shaped Adrian, and how to add yourself.

Licence

Adrian is released under the Apache 2.0 licence. New source files should carry the SPDX header from LICENSE_HEADER.txt.

Community

  • Discord for chat with the team and other Adrian users
  • LinkedIn for product updates

Reviews (0)

No results found