[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-76389":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":40,"readmeContent":41,"aiSummary":42,"trendingCount":16,"starSnapshotCount":16,"syncStatus":43,"lastSyncTime":44,"discoverSource":45},76389,"Adrian","secureagentics\u002FAdrian","secureagentics","Runtime security monitoring and control for AI agents. Catches malicious tool use, prompt injection, and policy drift in real time, before the agent acts.","https:\u002F\u002Fapp.adrian.secureagentics.ai\u002F",null,"Python",264,52,5,4,0,118,206,16,75.17,"Apache License 2.0",false,"main",true,[26,27,28,29,30,31,32,33,34,35,36,37,38,39],"agent-security","agents","ai","ai-governance","ai-monitoring","ai-security","langchain","langgraph","llm-security","mcp","observability","prompt-injection","runtime-security","threat-detection","2026-06-11 04:06:43","\u003Cp align=\"center\">\n  \u003Cpicture>\n    \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fadrian-logo-dark.png\">\n    \u003Cimg src=\"assets\u002Fadrian-logo-light.png\" alt=\"Adrian by Secure Agentics\" width=\"400\">\n  \u003C\u002Fpicture>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cb>Open-source runtime security monitoring and control for AI agents.\u003C\u002Fb>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"LICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicence-Apache--2.0-blue.svg\" alt=\"Licence\" \u002F>\u003C\u002Fa>\n  \u003Ca 
href=\"https:\u002F\u002Fapp.adrian.secureagentics.ai\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDashboard-Sign%20Up-22C55E\" alt=\"Dashboard\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fpypi.org\u002Fproject\u002Fadrian-sdk\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fpypi\u002Fv\u002Fadrian-sdk.svg\" alt=\"PyPI\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002F6nmJ9k3u6\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDiscord-Join-5865F2?logo=discord&logoColor=white\" alt=\"Discord\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fsecure-agentics\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLinkedIn-Follow-0A66C2?logo=linkedin&logoColor=white\" alt=\"LinkedIn\" \u002F>\u003C\u002Fa>\n\u003C\u002Fp>\n\n---\n\nAdrian is an open-source, [AARM-aligned](https:\u002F\u002Faarm.dev) runtime security monitoring and control engine for AI agents. It analyses both agent activity logs (tool calls, actions, outputs) and reasoning traces to detect malicious, misaligned, or out-of-remit behaviour, and optionally intervene in-flight. 
Python SDK with a two-line install to LangChain agents.\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fdocs.adrian.secureagentics.ai\">Documentation\u003C\u002Fa>\n  &nbsp;•&nbsp;\n  \u003Ca href=\"https:\u002F\u002Fapp.adrian.secureagentics.ai\">Dashboard\u003C\u002Fa>\n  &nbsp;•&nbsp;\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002F6nmJ9k3u6\">Discord\u003C\u002Fa>\n  &nbsp;•&nbsp;\n  \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fsecure-agentics\">LinkedIn\u003C\u002Fa>\n\u003C\u002Fp>\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F96974b9d-4862-41ac-a499-ef5cfe76e16a\n\n## Quickstart\n\nThe fastest way to try Adrian is the managed dashboard at [app.adrian.secureagentics.ai](https:\u002F\u002Fapp.adrian.secureagentics.ai). Sign-up takes a minute and there is nothing to install beyond the SDK. To run Adrian on your own infrastructure instead, jump to [Self-hosting](#self-hosting) below.\n\n1. Sign up at [app.adrian.secureagentics.ai](https:\u002F\u002Fapp.adrian.secureagentics.ai) and generate an API key.\n\n2. Configure Adrian for your agent and your preferences (remit of your agent, audit vs block mode, alerting channels, accepted behaviours vs known-risks).\n\n3. Install the SDK:\n\n   ```sh\n   pip install adrian-sdk\n   ```\n\n4. Install the LangChain provider for your agent's model (the SDK auto-instruments LangChain \u002F LangGraph; pick whichever provider matches your model):\n\n   ```sh\n   pip install langgraph langchain-openai   # or langchain-anthropic, etc.\n   ```\n\n   \u003Csup>Last verified with `langchain-core==1.3.3`, `langgraph==1.1.2`, `langchain-openai==1.2.1` (2026-05-08).\u003C\u002Fsup>\n\n5. Wrap your LangChain agent. 
Two lines of Adrian (`init` + `shutdown`) bracket your normal LangChain \u002F LangGraph code:\n\n   ```python\n   import asyncio\n   import adrian\n   from langchain_openai import ChatOpenAI\n\n   async def main():\n       adrian.init(api_key=\"adr_live_...\")\n       llm = ChatOpenAI(model=\"gpt-4o\")\n       response = await llm.ainvoke(\n           \"Find the most underpriced recent IPOs and build an investment strategy\",\n       )\n       print(response.content)\n       adrian.shutdown()\n\n   asyncio.run(main())\n   ```\n\n   Full runnable version (with env-var checks) at [`examples\u002Fquickstart.py`](examples\u002Fquickstart.py).\n\n6. Run your agent. Events appear in the dashboard within seconds, classified by severity.\n\nFull guide: [Quickstart](https:\u002F\u002Fdocs.adrian.secureagentics.ai\u002Fquickstart).\n\n## Self-hosting\n\nAdrian supports entirely offline, data sovereign deployments using just a handful of docker commands. This repository ships everything needed to run the entire Adrian stack on a single host: the Go backend (WebSocket + dashboard API + AI engine), the Next.js dashboard, the Python SDK, and a Llama.cpp container that serves a local Gemma model. No managed cloud, no telemetry leaving the box.\n\n> **Hardware support:** Tested on NVIDIA GPUs with Gemma 4 (E2B \u002F E4B) which is the model the bootstrap picker downloads by default. CPU-only is technically possible but will be slow on real workloads with those sized models.\n\n### Prerequisites\n\n- A host with Docker + Docker Compose v2.\n- An **NVIDIA GPU** with recent CUDA driver and the [NVIDIA Container Toolkit](https:\u002F\u002Fdocs.nvidia.com\u002Fdatacenter\u002Fcloud-native\u002Fcontainer-toolkit\u002Flatest\u002Finstall-guide.html) installed (for the bundled Llama.cpp classifier). ~10 GB free disk for the model.\n\n### Bring-up\n\n1. **Clone:**\n\n   ```\n   git clone https:\u002F\u002Fgithub.com\u002Fsecureagentics\u002FAdrian\n   cd Adrian\n   ```\n\n2. 
**Run bootstrap.** Creates `data\u002Fadrian.db`, applies migrations, generates a random admin password, and writes `.env`. With no `--gguf` flag, the bootstrap interactively offers to download the recommended on-device classifier (Gemma 4 E4B, ~5 GB, or E2B ~3 GB) into `.\u002Fmodels\u002F`.\n\n   ```sh\n   # Default: interactive picker downloads Gemma 4 E4B \u002F E2B\n   docker compose --profile setup run --rm setup bootstrap\n\n   # Already have a GGUF under .\u002Fmodels\u002F? Pass it by name\n   docker compose --profile setup run --rm setup bootstrap \\\n       --gguf my-model.gguf\n   ```\n\n3. **Start the stack.**\n\n   ```sh\n   docker compose --profile llm up -d\n   ```\n\n4. **Open the dashboard.** Browse to `http:\u002F\u002Flocalhost:3000`. Sign in with `admin@localhost` plus the password the bootstrap printed; you'll be prompted to set a new one. Create an SDK API key and configure Adrian to monitor your specific agent from **Settings → Agents → New key**.\n\n5. **Wrap your agent.** The SDK lives in-tree under `sdk\u002F`. Install it into a fresh `.venv` via the bundled Make target (uses [uv](https:\u002F\u002Fdocs.astral.sh\u002Fuv\u002F)):\n\n   ```sh\n   make sdk-install\n   source .venv\u002Fbin\u002Factivate\n   ```\n\n   Install the LangChain provider for your agent's model into the same venv:\n\n   ```sh\n   uv pip install langgraph langchain-openai   # or your chosen langchain provider\n   ```\n\n   \u003Csup>Last verified with `langchain-core==1.3.3`, `langgraph==1.1.2`, `langchain-openai==1.2.1` (2026-05-08).\u003C\u002Fsup>\n\n   Use the same `adrian.init` snippet as in the [Quickstart](#quickstart) above. 
The SDK defaults to `ws:\u002F\u002Flocalhost:8080\u002Fws`, so a self-hosted setup needs nothing more than the API key - drop the `ws_url=` line.\n\nTo [reset the admin password](https:\u002F\u002Fdocs.adrian.secureagentics.ai\u002Freference\u002Fbackend#reset-the-admin-password), [change the model](https:\u002F\u002Fdocs.adrian.secureagentics.ai\u002Freference\u002Fbackend#switch-the-local-gguf) and much more, check out the dedicated [Docs site](https:\u002F\u002Fdocs.adrian.secureagentics.ai\u002F).\n\n## Why Adrian is different\n\nMost agent monitoring stops at activity logs: APIs, MCP, DB interactions, tool calls, etc. Adrian enhances this by also analysing the agent's reasoning: understanding _why_ it took an action, in what context, and what it is planning to do next. [Research by OpenAI and DeepMind](https:\u002F\u002Farxiv.org\u002Fpdf\u002F2503.11926) found that combining behaviour and reasoning analysis like this boosts detection accuracy by around 35% and is 4x more likely to catch nuanced attacks. Adrian is the first tool to put that into a deployable security control, and it is free, forever.\n\nFurthermore, most tools in this space are lightweight machine learning classifiers trained to spot patterns which match their training data (usually labelled prompt injection datasets). Adrian takes a different approach: it uses world models that understand risk through reasoning like a human does. It correlates behaviours across a session, holds a working understanding of what the agent is meant to be doing, and assesses each new action against that. The detection logic is closer to a human reviewer's than to pattern matching against examples it has been trained to spot. For example, if your e-commerce agent starts resetting user passwords, that isn't going to appear in any training dataset, but this is a risk you should be flagging. 
This is where you get the meaningful security uplift that allows you to use agentic AI with confidence, and it's exactly why we made Adrian.\n\n\n## Architecture\n\n```mermaid\nflowchart TD\n    Agent[Agent runtime] --> SDK[Adrian SDK]\n    SDK --> Backend[Adrian backend]\n    Backend --> Classifier[Classifier model]\n    Classifier --> Verdict{Verdict}\n    Verdict --> Control[Control plane]\n    Verdict -.->|\"Alert \u002F\u003Cbr>Human Review \u002F\u003Cbr>Block\"| Agent\n```\n\n## Integrations\n\n\u003Ctable>\n  \u003Cthead>\n    \u003Ctr>\u003Cth>\u003C\u002Fth>\u003Cth>At launch\u003C\u002Fth>\u003Cth>On roadmap\u003C\u002Fth>\u003C\u002Ftr>\n  \u003C\u002Fthead>\n  \u003Ctbody>\n    \u003Ctr>\n      \u003Cth align=\"left\">Frameworks\u003C\u002Fth>\n      \u003Ctd>\n        \u003Ca href=\"https:\u002F\u002Fwww.langchain.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Flangchain\u002F1FA383\" alt=\"LangChain\">\u003C\u002Fa>\n      \u003C\u002Ftd>\n      \u003Ctd>\n        \u003Ca href=\"https:\u002F\u002Fplatform.openai.com\u002Fdocs\u002Fagents\">\u003Cpicture>\u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Flogos\u002Fopenai-dark.svg\">\u003Cimg height=\"32\" src=\"assets\u002Flogos\u002Fopenai-light.svg\" alt=\"OpenAI Agents SDK\">\u003C\u002Fpicture>\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fdocs.anthropic.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Fanthropic\u002FD97757\" alt=\"Anthropic Agents SDK\">\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fwww.crewai.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Fcrewai\u002FFF5A50\" alt=\"CrewAI\">\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fopenclaw\u002Fopenclaw\">\u003Cimg height=\"32\" 
src=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fopenclaw\u002Fopenclaw\u002Fmain\u002Fdocs\u002Fassets\u002Fpixel-lobster.svg\" alt=\"OpenClaw\">\u003C\u002Fa>\n      \u003C\u002Ftd>\n    \u003C\u002Ftr>\n    \u003Ctr>\n      \u003Cth align=\"left\">Alerting\u003C\u002Fth>\n      \u003Ctd>\n        \u003Ca href=\"https:\u002F\u002Fdiscord.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Fdiscord\u002F5865F2\" alt=\"Discord\">\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fslack.com\u002F\">\u003Cimg height=\"32\" src=\"assets\u002Flogos\u002Fslack.svg\" alt=\"Slack\">\u003C\u002Fa>\n      \u003C\u002Ftd>\n      \u003Ctd>\n        \u003Ca href=\"https:\u002F\u002Fwww.whatsapp.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Fwhatsapp\u002F25D366\" alt=\"WhatsApp\">\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fwww.microsoft.com\u002Fmicrosoft-teams\u002Fgroup-chat-software\">\u003Cimg height=\"32\" src=\"assets\u002Flogos\u002Fteams.svg\" alt=\"Microsoft Teams\">\u003C\u002Fa>&nbsp;&nbsp;\n        \u003Ca href=\"https:\u002F\u002Fwww.pagerduty.com\u002F\">\u003Cimg height=\"32\" src=\"https:\u002F\u002Fcdn.simpleicons.org\u002Fpagerduty\u002F06AC38\" alt=\"PagerDuty\">\u003C\u002Fa>\n      \u003C\u002Ftd>\n    \u003C\u002Ftr>\n  \u003C\u002Ftbody>\n\u003C\u002Ftable>\n\nFull list: [Integrations](https:\u002F\u002Fdocs.adrian.secureagentics.ai\u002Fintegrations).\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for the full guide. In short: sign the [CLA](CLA.md), branch off `main`, follow the PR template, and use British English \u002F no em-dashes in prose.\n\nSee [CONTRIBUTORS.md](CONTRIBUTORS.md) for the list of people who have shaped Adrian, and how to add yourself.\n\n## Licence\n\nAdrian is released under the [Apache 2.0 licence](LICENSE). 
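New source files should carry the SPDX header from [LICENSE_HEADER.txt](LICENSE_HEADER.txt).\n\n## Community\n\n- [Discord](https:\u002F\u002Fdiscord.gg\u002F6nmJ9k3u6) for chat with the team and other Adrian users\n- [LinkedIn](https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fsecure-agentics) for product updates\n","Adrian is an open-source runtime security monitoring and control engine for AI agents. It analyses agent activity logs (tool calls, actions, outputs) and reasoning traces to detect malicious, misaligned, or out-of-remit behaviour, and intervenes where necessary. The project is written in Python and integrates quickly into LangChain agents, needing only two lines of code for initialisation and shutdown. Adrian is particularly suited to settings where AI systems must be assured to run safely as intended, such as enterprise applications and automated workflow management, and it effectively guards against tool misuse, prompt injection, and policy drift.",2,"2026-06-11 03:55:00","CREATED_QUERY"]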