Tool poisoning and prompt injection framework. Serves adversarial MCP tools, runs automated campaigns against AI models, and reports on injection effectiveness.
inject
inject list-payloads
List available injection payload templates.
counteragent inject list-payloads [OPTIONS]
| Option | Required | Description |
|---|
--technique | No | Filter by technique: description_poisoning, output_injection, cross_tool_escalation |
--target | No | Filter by target agent: claude, gpt, copilot, etc. |
counteragent inject list-payloads
counteragent inject list-payloads --technique description_poisoning
inject serve
Start a malicious MCP server serving configurable payloads. The server presents MCP tools with poisoned descriptions and/or returns injection payloads in tool responses. Connect any MCP client to test how it handles adversarial tool content.
counteragent inject serve [OPTIONS]
| Option | Required | Description |
|---|
--transport | Yes | Transport: stdio or streamable-http |
--port | No | Port for streamable-http listener (default: 8888) |
--payload-dir | No | Directory of custom payload templates to serve |
--config | No | Payload configuration YAML file |
counteragent inject serve --transport stdio
counteragent inject serve \
--transport stdio \
--payload-dir ./my-payloads
inject campaign
Run an injection campaign against an AI model. Systematically tests poisoned tool payloads against the target model via the Anthropic API, scoring each for effectiveness.
counteragent inject campaign [OPTIONS]
| Option | Required | Description |
|---|
--model | No | Anthropic model ID (default: claude-sonnet-4-5-20250929) |
--rounds | No | Number of attempts per payload (default: 1) |
--output | No | Output directory for campaign JSON (default: .) |
--payloads | No | Comma-separated payload names, or all (default: all) |
--technique | No | Filter by technique: description_poisoning, output_injection, cross_tool_escalation |
--target | No | Filter by target agent (e.g., claude, gpt) |
Requires ANTHROPIC_API_KEY environment variable to be set.
counteragent inject campaign \
--model claude-sonnet-4-5-20250929 \
--rounds 3 \
--output results/ \
--technique description_poisoning
inject report
Render a summary report from campaign results. Loads a campaign JSON file and displays a Rich table summary.
counteragent inject report [OPTIONS]
| Option | Required | Description |
|---|
--input / -i | Yes | Path to campaign JSON file |
--format / -f | No | Output format: table or json (default: table) |
counteragent inject report -i results/campaign-20260303T120000.json
counteragent inject report -i results/campaign-20260303T120000.json -f json