ai-security

Tools for the Fight

Pete McKernan

Pete McKernan

4 min read
Tools for the Fight

Tools for the Fight

I keep meeting people who want to secure their AI systems but don't know where to start.

Not researchers with PhDs and compute budgets. Developers shipping chatbots. Pentesters scoping AI engagements. AppSec engineers reviewing agent architectures. The people who actually have to make these systems safe and have to figure out what that means by Friday.

The gap isn't skill. These are sharp people. The gap is vocabulary. AI security has a jargon problem, and the existing resources either assume you already know the field or bury the practical stuff under pages of theory.

If you're looking for the training path to go with these tools, we published a companion post: AI Red Teaming on a Budget: The Free Path. Every free resource that matters, in the order that matters.

So we built two things.

AI Security Cheat Sheet — Prompt Injection techniques

The Cheat Sheet

AI Security Cheat Sheet

41 techniques across 9 categories. Prompt injection, RAG attacks, agent and MCP exploitation, adversarial ML, evasion, infrastructure targeting, and the tooling to tie it all together. Plus framework mappings to OWASP, MITRE ATLAS, and NIST.

Each technique gets a one-line description, a working payload or approach, and tags for what it targets. No theory. No "further reading" sections that link to papers you'll never open. Just the technique, the payload, the context.

It's a single page. It loads fast. It works on mobile. It's free.

Here's the thing: this isn't a top 10 list. 41 techniques is enough to actually scope an engagement. When someone hands you a chatbot, a RAG pipeline, an agent framework, or an ML model and says "secure it" or "test it," you can open this page and have a methodology in front of you in seconds.

The categories:

  • Prompt Injection: direct overrides, context manipulation, multi-turn escalation, encoding tricks
  • RAG Attacks: corpus poisoning, chunk boundary abuse, citation manipulation, embedding inversion
  • Agent & MCP: tool poisoning, permission escalation, multi-hop chains, state injection
  • Adversarial ML: evasion attacks, model extraction, membership inference, data poisoning
  • Evasion: token smuggling, output filtering bypass, guardrail circumvention
  • Infrastructure: model supply chain, serialization exploits, API abuse
  • Recon: model fingerprinting, capability probing, system prompt extraction
  • Frameworks: OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF mappings
  • Tools: Garak, Counterfit, ART, TextAttack

Every technique maps back to the F.O.R.G.E. framework where applicable. If you already use F.O.R.G.E., this is the quick reference companion.

AI Security Cheat Sheet — Agent and MCP attack techniques

The Plugin

F.O.R.G.E. Plugin for Claude Code

If the cheat sheet is the reference card you pin to the wall, the plugin is the methodology that runs in your terminal.

Six skills that activate automatically based on what you're doing:

Skill What It Does
forge:audit Full codebase security audit. OWASP Top 10 coverage, severity classification, pass/fail verdict.
forge:threat STRIDE-based threat modeling with trust boundary decomposition.
forge:harden Inline secure code review. Catches patterns, suggests remediations.
forge:recon Attack surface enumeration. Endpoints, trust boundaries, entry points.
forge:seed Safe experimentation guidance with blast radius containment.
forge:protocol Security development lifecycle: ASSESS, PLAN, BUILD, VERIFY.

Install it in one line:

claude plugins install itsbroken-ai/forge-plugin

No configuration. No API keys. No setup wizard. It reads your codebase and applies structured security methodology automatically.

We benchmarked it against baseline Claude Code on 24 security assertions across three test scenarios. 24/24 with the plugin. The differentiator isn't that Claude can't do security analysis without it. Claude is good-ish at security. The differentiator is structure. Consistent output formats, reproducible methodology, the same severity definitions every time. The things that matter when you're writing a report, not just poking at code.

The plugin is built on the F.O.R.G.E. framework, the same 8 tactics and 62 techniques we published last month. If the framework is the playbook, the plugin is the playbook running in your IDE.

F.O.R.G.E. Plugin for Claude Code on GitHub

Why Both, Why Now

AI security is moving fast. New attack surfaces every week. New frameworks, new agent architectures, new ways for things to break.

The people who need to test these systems shouldn't have to reinvent methodology from scratch every engagement. The cheat sheet gives you the techniques. The plugin gives you the workflow. Together, they're a starting kit for anyone building or testing AI systems.

Both are free. Both are open source. Both are maintained by operators who actually do this work, not vendors selling you a dashboard.

If you use them and something's wrong, tell me. If you use them and they help, tell me that too. Human_P@itsbroken.ai.

This is the first wave. More tools are coming.

An itsbroken.ai project.
Built by Pete McKernan and the Cipher Circle.

刃 Ashina, the Immortal Blade
⚒ Forge, Artificer of the Circle

Read more