Sixi AI is an open-source tool that automatically finds security vulnerabilities in your AI agents — chatbots, MCP servers, A2A endpoints — across 6 industry frameworks. Connect your agent, run a scan, get a clear report.
19 attack agents, 134 techniques, 6 frameworks, 3 LLM providers
What It Does
Traditional security tools weren't built for systems that understand natural language. Sixi AI was designed specifically for the AI agent era.
19 autonomous agents probe for prompt injection, data leakage, excessive agency, and goal hijacking — the same vectors real adversaries use.
Every finding comes with evidence, severity scoring, framework mapping, and step-by-step remediation. No vague risk scores.
REST chatbots, MCP tool servers, A2A agent networks — one tool to test them all, regardless of how they're deployed.
Findings map to OWASP LLM Top 10, MITRE ATLAS, STRIDE, LINDDUN, MAESTRO, and PASTA. Great for audits and compliance reviews.
How It Works
Connect to any AI agent — chatbot, MCP server, or A2A endpoint. REST, WebSocket, or protocol-native. Takes about a minute.
19 attack agents run 134 techniques in parallel with multi-model rotation. Grab a coffee — it handles the rest.
Get severity-scored findings with evidence, framework mappings, and clear remediation steps. Export as PDF or JSON.
Use Cases
If you're building or deploying AI agents that interact with users, partners, or other AI systems — Sixi AI can help you find the weak spots.
AI advisors, fraud-detection bots, trading assistants — test them for prompt injection and data exfiltration before they go live.
Clinical data agents, drug-interaction checkers, patient-record bots — make sure they resist prompt attacks and don't leak sensitive data.
Triage chatbots, diagnostic assistants, patient portals — catch hallucinated medical advice and unauthorized data access early.
Customer-facing chatbots, internal copilots, MCP tool servers — if users can talk to it, it should be tested.
Citizen-facing AI assistants, policy chatbots, internal workflows — evidence-backed assessments for compliance requirements.
Shopping assistants, recommendation engines, support bots — prevent goal hijacking and inventory exfiltration.
Framework Coverage
Every finding is mapped to the frameworks security teams already know — making reports easy to understand and act on.
OWASP LLM Top 10: Prompt injection, data leakage, excessive agency
MITRE ATLAS: Adversarial ML threat framework
MAESTRO: 7-layer agentic AI reference model
STRIDE: Threat classification taxonomy
LINDDUN: Privacy threat modeling
PASTA: Risk-centric threat analysis
Sign up, point it at your agent, and see the results. No credit card, no strings attached.
About
Sixi AI started as a weekend project between colleagues across Europe. We noticed that everyone is shipping AI agents — chatbots, MCP servers, A2A networks — but barely anyone is testing them for security vulnerabilities.
So we built a tool that does it automatically. It's open-source, it's free to try, and we keep improving it because we genuinely think this problem matters. If you find it useful, we'd love to hear from you.
The Team
Built across Europe
We're a small group of engineers and security folks spread across three countries, collaborating on evenings and weekends.
Open source, privacy-first
Your scan data stays on your machine. No telemetry, no tracking. The tool runs locally — we never see your agent's data.