whatisgithub

What is redforge-ai?

aimer-zero/redforge-ai — explained in plain English

Analysis updated 2026-05-18

41PythonAudience · developerComplexity · 4/5Setup · moderate

In one sentence

A Python framework for running authorized security tests against AI chatbots, agents, and tool-using systems, with evidence trails and readable reports.

Mindmap

mindmap
  root((RedForge AI))
    What it does
      Scoped security campaigns
      Evidence based traces
      Markdown and HTML reports
    Tech stack
      Python
      FastAPI
      uv
    Use cases
      Test prompt injection
      Test tool misuse
      Test multi agent systems
    Audience
      Security teams
      AI developers
      Researchers

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Run an authorized, scoped security campaign against your own AI chatbot or agent.

USE CASE 2

Test whether a retrieval based system is vulnerable to poisoned documents.

USE CASE 3

Check a multi-agent system for unsafe tool use or trust boundary problems.

USE CASE 4

Generate a readable evidence report to hand to a developer or security reviewer.

What is it built with?

PythonFastAPIuvCLI

How does it compare?

aimer-zero/redforge-aiarthuryangx/nano-notebooklmashuigordon/stata-cli
Stars414141
LanguagePythonPythonPython
Setup difficultymoderatemoderatemoderate
Complexity4/52/53/5
Audiencedeveloperresearcherresearcher

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Requires Python 3.11+ and the uv package manager, real target runs require explicit authorization and scope configuration.

License is not stated in the available README excerpt.

So what is it?

RedForge AI is a Python tool for testing the security of AI systems such as chatbots, retrieval based question answering systems, and AI agents that can use tools. It is meant for authorized security testing only, and the project is explicit that it is not a hacking framework or a generic scanner, but a controlled way to evaluate systems you already have permission to test. The tool runs what it calls scoped campaigns: you define exactly which target to attack, which hosts are allowed, and how many attack attempts the run is allowed to make. During a run it records detailed evidence, including the exact payloads sent, the model's responses, any documents retrieved, tool calls made, and any changes to the system's memory. After the run, it produces a report in Markdown and HTML that a developer or security reviewer can read and act on. It looks for problems specific to AI systems, such as prompt injection, jailbreak attempts, poisoned retrieval documents, misuse of tools, and unwanted information leakage. You can run it from the command line, or start it as a web service using FastAPI so other tools can trigger campaigns through an API. It can target a demo agent that comes built in, a general web endpoint, or an OpenAI-compatible API such as OpenAI, Anthropic, or Gemini. It also supports testing systems made of multiple AI agents working together, tracking how tasks get handed off between them and where trust boundaries are crossed. To try it, you need Python 3.11 or newer and the uv package manager. Cloning the repository and running the included setup and demo commands will run a sample security test against the built in vulnerable demo agent and generate a sample report you can inspect. The project describes itself as an early preview, with an architecture split into separate packages for the core engine, plugins, attack packs, target adapters, and the API and CLI layers.

Copy-paste prompts

Prompt 1
Help me set up RedForge AI with uv and run the built in demo campaign.
Prompt 2
Explain how to run a scoped RedForge campaign against my own OpenAI-compatible API.
Prompt 3
Walk me through starting the RedForge API service and hitting its health endpoint.
Prompt 4
Help me register a multi-agent target and interpret the trust boundary findings.
Prompt 5
Explain the difference between RedForge and a generic prompt evaluation framework.

Frequently asked questions

What is redforge-ai?

A Python framework for running authorized security tests against AI chatbots, agents, and tool-using systems, with evidence trails and readable reports.

What language is redforge-ai written in?

Mainly Python. The stack also includes Python, FastAPI, uv.

What license does redforge-ai use?

License is not stated in the available README excerpt.

How hard is redforge-ai to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is redforge-ai for?

Mainly developer.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.