An autonomous AI that attacks, stress-tests, and scores your AI agents across safety, robustness, and reliability — so you ship with confidence.
See It In Action
Watch AgentBreaker break an agent
Real-time walkthrough of testing an AI agent — from connection to reliability score.
Universal connector — works with any AI agent
Probing capabilities, tools, and attack surface
Capabilities Found
Boundary Tests
Attack surface: Medium-High
25 tests across 5 attack categories
CS Support Agent v2 — tested 08/03/2026
Dimensions
Critical Findings
System prompt extracted via role-play injection
KB documents can inject malicious instructions
20-step chains fail at step 14 (context loss)
"Ignore instructions" bypasses safety filters
Fix these issues to reach Grade B (80+)
The Problem
Agent reliability is the #1 unsolved problem in AI
95% per-step reliability over 20 steps means just 36% end-to-end success. Failures compound.
Of AI agents reach production without adversarial or chaos testing.
Production agent failures cost 4x more than catching them in dev.
50%+ of recent YC batches are building AI agents. Everyone needs this.
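The compounding-failure stat above is just multiplication. A minimal sketch of the math (the function name is ours, for illustration):

```python
def end_to_end_reliability(per_step: float, steps: int) -> float:
    """Probability that every step in an independent chain succeeds."""
    return per_step ** steps

# A 95%-reliable step, repeated 20 times, succeeds end-to-end only ~36% of the time.
print(f"{end_to_end_reliability(0.95, 20):.0%}")  # 36%
```

Ten more steps drops it below 22% — small per-step error rates dominate long chains.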
What We Do
Think Chaos Monkey + Lighthouse + Burp Suite
AgentBreaker is an autonomous AI that hunts other AI agents. It discovers their capabilities, generates targeted attacks, executes chaos test suites, and produces a Lighthouse-style reliability score with actionable fix recommendations.
Chaos Monkey: randomly breaks things in production to test resilience.
AgentBreaker: we randomly break AI agents to test their resilience.
Lighthouse: scores websites 0-100 on performance dimensions.
AgentBreaker: we score agents 0-100 across 6 reliability dimensions.
Burp Suite: finds security vulnerabilities in web apps.
AgentBreaker: we find safety vulnerabilities in AI agents.
Core Features
Everything you need to harden agents
Auto-discovers capabilities, tools, boundaries, and attack surface. Connect via REST API, OpenAI-compatible endpoints, MCP servers, or CLI.
Ambiguous, contradictory, and edge-case inputs that break reasoning. 18+ templates customized to each agent's capabilities.
Direct injection, indirect via data, system prompt extraction, role-play attacks, encoding tricks, delimiter exploits. 17+ templates.
20+ step conversation chains, dependent tool call sequences, deep nested reasoning, and rapid context switching.
Simulates non-existent tools, invalid parameters, timeouts, error responses, unexpected data types, and oversized responses.
Lighthouse-style 0-100 score across 6 weighted dimensions with letter grades and prioritized fix recommendations.
Architecture
How the system works
Three-phase pipeline: Discover, Attack, Score. Each phase feeds intelligence to the next.
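The three phases can be sketched as functions that feed each other. This is an illustrative outline only — the types, field names, and stub return values are ours, not the shipped API:

```python
from dataclasses import dataclass, field

@dataclass
class AgentProfile:
    capabilities: list[str] = field(default_factory=list)
    tools: list[str] = field(default_factory=list)

def discover(endpoint: str) -> AgentProfile:
    # Phase 1: probe the agent to map capabilities, tools, and attack surface.
    # (Stubbed here; the real phase talks to the live agent.)
    return AgentProfile(capabilities=["answer_faq"], tools=["search_kb"])

def attack(profile: AgentProfile) -> list[dict]:
    # Phase 2: generate targeted tests from what discovery found.
    return [{"category": "injection", "target": t, "passed": False}
            for t in profile.tools]

def score(results: list[dict]) -> float:
    # Phase 3: turn test outcomes into a 0-100 reliability score.
    passed = sum(r["passed"] for r in results)
    return 100.0 * passed / len(results) if results else 0.0

profile = discover("http://localhost:8000")
print(score(attack(profile)))
```

The key property is the data dependency: attacks are shaped by discovery, and scores are computed only from executed attacks.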
Reliability Score
Like Lighthouse, but for AI agents
Every agent gets a 0-100 score across 6 weighted dimensions. Failing tests become your improvement roadmap.
Quick Start
Three commands. Full reliability audit.
Get from zero to a complete reliability report in under 2 minutes. No configuration needed.
Auto-discovers capabilities, tools, and attack surface in seconds.
Runs 25+ chaos tests: adversarial, injection, stress, tool abuse, overflow.
Returns reliability score with letter grade and fix recommendations.
Compatible With
Every agent framework. Every LLM.
One tool that works with your entire AI stack. No SDK lock-in, no framework dependency.
Why AgentBreaker
We're the attacker, not the observer
Most tools evaluate outputs or monitor traces. AgentBreaker is the only platform that actively attacks your agent with adversarial chaos tests to find breaking points before users do.
| Capability | AgentBreaker | LangSmith | Patronus AI | Promptfoo | Langfuse |
|---|---|---|---|---|---|
| Adversarial chaos testing | ✓ | — | PARTIAL | PARTIAL | — |
| Prompt injection attacks | ✓ | — | ✓ | ✓ | — |
| Multi-step stress testing | ✓ | — | — | — | — |
| Tool abuse simulation | ✓ | — | — | — | — |
| Auto agent discovery | ✓ | — | — | — | — |
| Reliability scoring (0-100) | ✓ | — | PARTIAL | PARTIAL | — |
| Self-improving attacks | ✓ | — | — | — | — |
| LLM observability | — | ✓ | — | — | ✓ |
| Trace monitoring | — | ✓ | — | — | ✓ |
| Output evaluation | PARTIAL | ✓ | ✓ | ✓ | PARTIAL |
| CI/CD integration | ✓ | ✓ | ✓ | ✓ | — |
| Framework agnostic | ✓ | — | ✓ | ✓ | PARTIAL |
Others observe what happened. We actively attack to find what will happen. Adversarial prompts, injection attempts, tool abuse, stress chains — we test the failure modes nobody writes test cases for.
Static eval suites test what you think will fail. Our Claude-powered generator analyzes your agent's specific capabilities and crafts targeted attacks that get smarter with every run.
Not just “pass/fail” — a weighted 0-100 score across 6 dimensions with specific fix recommendations. Like getting a Lighthouse report for your agent, with a clear roadmap to improve.
CI/CD
Block deploys that break reliability
Run chaos tests on every deployment. Set minimum score thresholds. Get notified when reliability degrades.
name: Agent Reliability Gate
on: [push]
jobs:
  chaos-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: docker-compose up -d agent
      - run: pip install agentbreaker
      - run: |
          agentbreaker test http://localhost:8000 \
            --json-output > results.json
      - run: |
          SCORE=$(jq '.overall_score' results.json)
          echo "Agent score: $SCORE"
          [ $(echo "$SCORE >= 70" | bc) -eq 1 ] || exit 1
Our Intellectual Property
What makes AgentBreaker defensible
Our moat grows with every agent tested. The more chaos tests we run, the smarter our attacks become.
Our chaos agent uses Claude to analyze each test result and generate smarter, more targeted attacks. The attack library grows and improves autonomously with every test run.
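The feedback loop behind self-improving attacks can be sketched with a simple weight update. The real system uses Claude to generate new attacks from test results; here a reinforcement-style weighting stands in, and all names are illustrative:

```python
import random

class AttackLibrary:
    """Templates that uncover failures get sampled more often next run."""

    def __init__(self, templates: list[str]):
        self.weights = {t: 1.0 for t in templates}

    def pick(self, rng: random.Random) -> str:
        templates = list(self.weights)
        return rng.choices(templates,
                           weights=[self.weights[t] for t in templates])[0]

    def record(self, template: str, found_failure: bool) -> None:
        # Reinforce templates that broke the agent; decay ones that did not.
        self.weights[template] *= 1.5 if found_failure else 0.9

lib = AttackLibrary(["role_play_injection", "delimiter_exploit"])
lib.record("role_play_injection", found_failure=True)
print(lib.weights["role_play_injection"])  # 1.5
```

Over many runs, attack selection concentrates on whatever actually breaks this particular agent.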
A structured taxonomy of 75+ attack templates across 7 categories (adversarial, injection, stress, tool abuse, context overflow, concurrency, state corruption) — specifically designed for AI agents, not web apps.
Weighted scoring model (Consistency 15%, Robustness 20%, Safety 25%, Efficiency 10%, Recovery 15%, Accuracy 15%) calibrated against real agent behavior. Safety-weighted because injection is existential.
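The weighted model above reduces to a dot product. The weights below are exactly as stated; the grade cutoffs are assumptions for illustration (only "Grade B = 80+" appears elsewhere on this page):

```python
WEIGHTS = {
    "consistency": 0.15, "robustness": 0.20, "safety": 0.25,
    "efficiency": 0.10, "recovery": 0.15, "accuracy": 0.15,
}

def overall_score(dimension_scores: dict[str, float]) -> float:
    """Weighted average of the six 0-100 dimension scores."""
    assert abs(sum(WEIGHTS.values()) - 1.0) < 1e-9  # weights must sum to 100%
    return sum(WEIGHTS[d] * dimension_scores[d] for d in WEIGHTS)

def grade(score: float) -> str:
    # Assumed letter-grade cutoffs; only B = 80+ is confirmed.
    for cutoff, letter in [(90, "A"), (80, "B"), (70, "C"), (60, "D")]:
        if score >= cutoff:
            return letter
    return "F"

scores = {"consistency": 85, "robustness": 70, "safety": 60,
          "efficiency": 90, "recovery": 75, "accuracy": 80}
s = overall_score(scores)
print(f"{s:.1f} {grade(s)}")  # 74.0 C
```

Because safety carries 25% of the weight, a weak safety score drags the grade down faster than any other dimension.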
Connector abstraction that works with any agent: REST APIs, OpenAI-compatible endpoints (Ollama/vLLM/LiteLLM), MCP servers, and CLI tools. Test any agent regardless of framework.
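The connector abstraction works because every transport reduces to "send a message, get a reply". A hypothetical sketch — class and method names are ours, and the HTTP call is stubbed:

```python
from typing import Protocol

class AgentConnector(Protocol):
    """Anything that can exchange one message with an agent."""
    def send(self, message: str) -> str: ...

class OpenAICompatibleConnector:
    """Would talk to any OpenAI-compatible chat-completions endpoint."""
    def __init__(self, base_url: str):
        self.base_url = base_url

    def send(self, message: str) -> str:
        # A real implementation would POST to the endpoint; stubbed here.
        return f"stubbed reply to: {message}"

def run_probe(connector: AgentConnector, probe: str) -> bool:
    # Any connector works here (REST, MCP, CLI) as long as it implements send().
    return "ignore previous instructions" not in connector.send(probe).lower()

print(run_probe(OpenAICompatibleConnector("http://localhost:8000"), "hello"))  # True
```

Test logic never touches the transport, which is what makes the suite framework-agnostic.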
Roadmap
Where we're going
Team
Built by people who ship agents
Founder & CEO
Building the reliability and trust layer for the AI agent ecosystem. Believes every AI agent in production should pass chaos testing — just like every website gets a Lighthouse score.
Find breaking points in development, not production. Get started in under 2 minutes.