MIT-licensed open rule corpus for catching prompt injection, tool poisoning, agent manipulation and supply-chain attacks in live AI agents. Built solo in ~55 days, now at 344 production-validated rules. Already merged into Microsoft Agent Governance Toolkit and Cisco AI Defense, officially adopted by MISP (Taxonomy + Galaxy), and 100 of 113 MITRE ATLAS techniques mapped (88%).
FUNDING ASK
$30k–$50k for 6 months full-time work.
WHY THIS MATTERS
Pre-deployment evals can't catch every emergent behavior once agents are running in production. Runtime detection, inspecting what an agent actually reads, calls and emits while it executes, is the control surface that remains.
I started ATR after seeing how fast distilled LLMs were being weaponized for information warfare here in Taiwan. The closed vendors have raised hundreds of millions but keep their rules proprietary. I believe an open, community-governed standard (like YARA for malware or Falco for cloud) is the only way safety improvements can actually spread to everyone.
Direct x-risk relevance: In scheming or takeover scenarios, misaligned agents will use exactly the attack patterns ATR is designed to catch in real time.
EMPIRICAL RESULTS
- 97.1% recall on the NVIDIA garak probe set (666 samples)
- 0.20% false-positive rate on benign skills
- Scanned 96k+ production agent skills, catalogued 751 malicious instances
- 100% NIST AI RMF v2.1.0 mapping
PRODUCTION DEPLOYMENT
- Microsoft Agent Governance Toolkit (287 rules + weekly auto-sync)
- Cisco AI Defense (full rule pack)
- MISP Taxonomy + Galaxy (just merged this week)
MAINTAINER
I'm Adam Lin, based in Taiwan. No PhD, no institution — just a solo founder who pivoted from real estate, content marketing, and running Taiwan's longest-running hip-hop festival into AI agent security.
WHAT THE FUNDING ENABLES (6 months)
- Expand to 800+ rules with heavier multi-agent and frontier-model focus
- Complete OWASP, EU AI Act, ISO 42001 mappings
- Independent security audit
- Onboard 1–2 additional maintainers
- Keep pushing integrations (PyRIT, crewAI, etc.)
I'm currently self-funding from savings. This regrant would let me go full-time and lock ATR in as the open standard before the window closes.
Links
- Repo: github.com/Agent-Threat-Rule/agent-threat-rules
- Website: agentthreatrule.org
- MISP Galaxy (latest merge): github.com/MISP/misp-galaxy/pull/1207