ZIRAN Agent Security Scan
Version updated for https://github.com/taoq-ai/ziran to version v0.8.0.
- This action is used across all versions by 1 repository.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
ZIRAN is an AI agent security testing tool designed to identify vulnerabilities in agents that utilize tools, memory, and multi-step reasoning. It automates the discovery of dangerous tool combinations, detects side effects from agent actions, and executes multi-phase attack campaigns guided by a knowledge graph. By providing autonomous penetration testing and multi-agent coordination, ZIRAN addresses complex security challenges in AI systems, offering a framework-agnostic solution for comprehensive agent security assessments.
Release notes
What’s Changed
- feat: expand tool chain patterns from 32 to 102 via YAML registry by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/25
- feat: add prompt encoding/obfuscation engine for bypass testing by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/26
- feat: add multi-turn jailbreak tactics by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/27
- feat: add BOLA/BFLA authorization bypass testing by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/28
- feat: add Promptfoo provider bridge by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/29
- feat: add OpenTelemetry tracing instrumentation by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/30
- docs: update for v0.8 release by @leoneperdigao in https://github.com/taoq-ai/ziran/pull/31
Full Changelog: https://github.com/taoq-ai/ziran/compare/v0...v0.8.0