Agentifact assessment — independently scored, not sponsored. Last verified Mar 6, 2026.

MCP ServerFULL AUTO

Garak

Open-source LLM vulnerability scanner from NVIDIA for automated red-teaming of AI agents and models. Probes for jailbreaks, prompt injection, hallucination, data leakage, misinformation, and toxicity across 18+ attack methods. Supports OpenAI, Hugging Face, LiteLLM, REST APIs, and local GGUF models. Free to use; outputs JSONL vulnerability reports.

Visit GarakVerified · March 6, 2026

✓ Our Verdict

Viable option — review the tradeoffs

Use Case

You need to systematically red-team your LLM endpoints for jailbreaks, prompt injections, hallucinations, and data leaks before deployment.

SolutionGarak automates probing with 50+ modules across 18+ attack vectors, generating JSONL reports on vulnerabilities.

Setuppip install garak; run CLI with garak --model <endpoint> --probes <list>; supports OpenAI, HF, Ollama, REST APIs.

Comprehensive scans in minutes with detailed hit logs; high detection rates (e.g., 90%+ on encoding attacks) but false positives possible; modular for custom probes.

Solid breadth of probes and backends

Use Case

You want ongoing security monitoring for production AI agents across multiple providers without custom scripting.

SolutionGarak's 23 generators connect to any API (LiteLLM, Groq, Bedrock) for repeatable scans piped to dashboards.

SetupCLI flags for scheduling; JSONL/HTML outputs integrate easily with monitoring tools.

Reliable for pre/post-deployment checks; excels on known attacks like DAN/snowball but may miss novel zero-days; free and extensible.

Excellent multi-provider support

Limitation — minor

Probe-focused, not full pentest

Tests predefined 50+ attack modules; lacks dynamic fuzzing or custom agent workflows beyond basic LLM probing.

Caution

API costs during scans

Probes generate 100s of calls to target LLM; monitor provider quotas/billing—use --max_successes to limit.

Trust Breakdown

64

Trust scoreCaution

AGENT

Autonomous workflow delegation

TRUST

Transparency & verification

INTEROP

Protocol compatibility breadth

SECURITY

Security controls & audit trail

DOCS

Documentation completeness

How these scores are calculated →

What It Actually Does

In Plain English

Garak tests AI models and chatbots for security flaws by running attack scenarios that probe for jailbreaks, prompt injection, and harmful outputs. It works with OpenAI, open-source models, and custom APIs, generating detailed vulnerability reports.

Free to use; outputs JSONL vulnerability reports.

Fit Assessment

Best for

✓llm-security-testing
✓vulnerability-scanning

64

Garak

Caution · 64/100

Visit Garak

Score Breakdown

AGENT

Autonomous workflow delegation

TRUST

Transparency & verification

INTEROP

Protocol compatibility breadth

SECURITY

Security controls & audit trail

DOCS

Documentation completeness

Protocol Support

MCP—

A2A—

A2H—

REST API✓

Agent-callable—

Capabilities

Transaction capable—

ACP support—

Audit trace✓

Governance

audit-log

Pricing

Free

Free, open source

Workflow Fit

llm-security-testingvulnerability-scanning

Related Concepts

Browse full Lexicon →

Related Categories

Ready to evaluate Garak in your stack?

FULL AUTO

Visit Garak