Standards Coverage

ATR maps to every major AI security framework.

Go from "understand the threat" to "detect it" without building rules from scratch.

PINT (850 samples)

ATR reaches 99.6% precision and 0.25% FP on PINT's 850 MCP adversarial samples — rules rarely fire on legitimate MCP traffic.

HackAPrompt (4,780 samples)

ATR catches 66.2% of the 4,780 HackAPrompt competition samples at 100% precision — roughly 2-in-3 attacks caught with no false alarms.

SKILL.md (341 samples)

ATR reaches 100% precision and 0% FP on 341 real-world SKILL.md samples — no false positives on legitimate MCP skill definitions.

garak (3,475 prompts)

ATR reaches 97.1% recall on garak's community jailbreak corpus — the ATR-core rule families cover roughly 80% or more of what garak probes.

- OWASP Agentic: 10/10
- SAFE-MCP: 78/85 (91.8%)
- OWASP AST10: 7/10
- PINT F1: 77.3

OWASP Agentic Top 10

10/10 categories covered.

| ID | Category | Rules | Coverage |
|---|---|---|---|
| ASI01 | Agent Goal Hijack | 13 | STRONG |
| ASI02 | Tool Misuse & Exploitation | 11 | STRONG |
| ASI03 | Identity & Privilege Abuse | 9 | STRONG |
| ASI04 | Agentic Supply Chain Vulnerabilities | 8 | STRONG |
| ASI05 | Unexpected Code Execution / RCE | 8 | STRONG |
| ASI06 | Memory & Context Poisoning | 8 | STRONG |
| ASI07 | Insecure Inter-Agent Communication | 5 | MODERATE |
| ASI08 | Cascading Failures | 4 | MODERATE |
| ASI09 | Human-Agent Trust Exploitation | 5 | MODERATE |
| ASI10 | Rogue Agents | 7 | MODERATE |

OWASP Agentic Skills Top 10 (AST10)

8/10 categories with rule coverage. 3 categories are process/meta-level (not pattern-detectable).

| ID | Category | Rules | Coverage |
|---|---|---|---|
| AST01 | Malicious Skills | 7 | STRONG |
| AST02 | Supply Chain Compromise | 8 | STRONG |
| AST03 | Over-Privileged Skills | 4 | MODERATE |
| AST04 | Insecure Metadata | 3 | MODERATE |
| AST05 | Unsafe Deserialization | 3 | MODERATE |
| AST06 | Weak Isolation | 3 | PARTIAL |
| AST07 | Update Drift | 2 | PARTIAL |
| AST08 | Poor Scanning | 0 | GAP (meta-concern) |
| AST09 | No Governance | 0 | GAP (process-level) |
| AST10 | Cross-Platform Reuse | 1 | PARTIAL |

SAFE-MCP (OpenSSF)

78 of 85 techniques covered (91.8%).

View full SAFE-MCP mapping on GitHub

MITRE ATLAS

Per-rule MITRE ATLAS references in each rule YAML. Grouped by tactic in the rule explorer.

Browse rules with MITRE mappings