Skip to content

Add ATR (Agent Threat Rules) β€” open-source detection rules for MCP threats#87

Open
eeee2345 wants to merge 1 commit intoPuliczek:mainfrom
eeee2345:add-atr
Open

Add ATR (Agent Threat Rules) β€” open-source detection rules for MCP threats#87
eeee2345 wants to merge 1 commit intoPuliczek:mainfrom
eeee2345:add-atr

Conversation

@eeee2345
Copy link
Copy Markdown

@eeee2345 eeee2345 commented Mar 28, 2026

What is ATR?

Agent Threat Rules (ATR) is an open-source set of detection rules for AI agent security threats β€” like YARA/Sigma rules, but for MCP and LLM tool-calling attacks.

Key stats

  • 71 rules across 9 categories (prompt injection, tool poisoning, data exfiltration, credential theft, sandbox escape, etc.)
  • 62.7% recall / 99.7% precision on PINT benchmark
  • OWASP Agentic Top 10: 10/10 coverage (mapping)
  • SAFE-MCP: 91.8% coverage (mapping)
  • TypeScript + Python engines, Splunk/Elastic query converters
  • MIT licensed, community-driven

Why it fits this list

ATR provides the detection layer that complements the MCP security tools already listed here. While other tools focus on runtime protection or auditing, ATR gives the community a shared set of threat patterns that any tool can import and use.

Ecosystem scan

We scanned 36,394 ClawHub skills using ATR β€” found 182 CRITICAL / 1,124 HIGH findings. Full report: https://panguard.ai/research/mcp-ecosystem-scan

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@eeee2345