Tencent AI-Infra-Guard — Multi-Layer Agent Red Teaming Framework
AI relevance: AI agents now span infrastructure, protocols, and model layers — but no single detection paradigm fits all of them. AI-Infra-Guard addresses this gap with layer-specific red teaming.
Key Points
- Tencent Zhuque Lab released AI-Infra-Guard as open source for comprehensive AI agent security assessment
- Covers 75+ AI components with 1,400+ vulnerability rules across infrastructure, protocol/tool, agent behavior, and model layers
- Includes dedicated MCP server auditing using LLM-driven agentic analysis — signatures alone cannot catch protocol-level flaws
- Agent skill supply-chain scanning targets the growing attack surface of skill packages and plugins
- Jailbreak evaluation harness includes 26+ attack operators tested across 16 datasets
- Layer-paradigm matching principle: deterministic rules for infrastructure, LLM auditing for protocols, multi-turn red teaming for agent behavior, statistical testing for model alignment
- First open-source framework to span all layers including agent skill supply-chain auditing
Why It Matters
AI agents are not monolithic — they run on infrastructure (vLLM, Triton), communicate via protocols (MCP, A2A), exhibit emergent behavior, and depend on model alignment. A vulnerability at any layer can compromise the entire system. Traditional security tools apply one detection method uniformly, but infrastructure flaws need signature matching while protocol flaws need semantic analysis. AI-Infra-Guard's layered approach matches the detection paradigm to each attack surface layer, providing more accurate and actionable results.
The framework arrives as agent supply-chain attacks accelerate. Malicious MCP servers, poisoned agent skills, and jailbroken models have all been exploited in 2025-2026. Defenders need tooling that covers the full stack, not just one layer.
What to Do
- Deploy AI-Infra-Guard to audit your AI agent deployments across all four layers
- Use infrastructure scanning to identify exposed AI components and misconfigurations
- Run MCP server audits to catch protocol-level flaws that signatures miss
- Scan agent skills and plugins for supply-chain risks before deployment
- Integrate jailbreak testing into your model evaluation pipeline