
Agent Integrity & Compromise Monitor

Open-source security monitoring for AI agents. Detects skill-injection attacks, credential theft, and auto-quarantines compromised agents — built for regulated environments where failure isn't an option.

◇ What AICM Detects

Real Threats to AI Agent Systems

As AI agents gain autonomy — executing code, accessing databases, managing credentials — they become attack surfaces. AICM monitors for the threats that matter.

Skill-Injection Attacks
Detects when adversaries attempt to inject malicious instructions into agent tool chains, overriding intended behavior to execute unauthorized actions or extract sensitive data.
Credential Theft
Monitors for unauthorized access to API keys, tokens, database credentials, and secrets that agents handle during normal operations. Alerts on anomalous credential access patterns.
Auto-Quarantine
When compromise is detected, AICM automatically isolates the affected agent — preventing lateral movement across your agent fleet before damage spreads.
Prompt Manipulation
Identifies attempts to override system prompts, bypass safety guardrails, or manipulate agent reasoning through adversarial inputs — a growing attack vector in production systems.
Tool Abuse Detection
Monitors agent tool calls for anomalous patterns — unusual API endpoints, unexpected file system access, excessive data exfiltration, or calls that deviate from baseline behavior.
Behavioral Drift
Tracks agent behavior over time to detect subtle drift — gradual changes in tool usage, response patterns, or decision-making that may indicate slow-burn compromise or model degradation.
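To make the tool-abuse, credential-theft and auto-quarantine checks above concrete, here is an added example (not AICM's own code) that learns an allow-list baseline from a trusted window of constructed tool-call telemetry, flags later calls that deviate from it, and decides when to recommend quarantine. The record fields, finding names, workspace path and egress threshold are assumptions made for the example.

```python
from urllib.parse import urlparse

# Constructed sample telemetry (not real AICM output): one dict per tool call.
BASELINE = [  # trusted observation window used to learn the policy
    {"agent": "agent-1", "tool": "http", "target": "https://api.internal.example/orders", "bytes_out": 512},
    {"agent": "agent-1", "tool": "fs", "target": "/srv/agent/work/report.csv", "bytes_out": 0},
    {"agent": "agent-1", "tool": "http", "target": "https://api.internal.example/customers", "bytes_out": 800},
]
LIVE = [  # later window containing a credential-file read and bulk egress to an unknown host
    {"agent": "agent-1", "tool": "http", "target": "https://api.internal.example/orders", "bytes_out": 600},
    {"agent": "agent-1", "tool": "fs", "target": "/home/svc/.aws/credentials", "bytes_out": 0},
    {"agent": "agent-1", "tool": "http", "target": "https://paste.example.net/upload", "bytes_out": 250_000},
]

def learn_baseline(records, workspace="/srv/agent/", max_bytes_out=10_000):
    """Derive an allow-list policy (tools, hosts, workspace, egress cap) from trusted records."""
    return {
        "tools": {r["tool"] for r in records},
        "hosts": {urlparse(r["target"]).hostname for r in records if r["tool"] == "http"},
        "workspace": workspace,
        "max_bytes_out": max_bytes_out,
    }

def evaluate(record, policy):
    """Return the policy deviations (finding names) for a single tool call."""
    findings = []
    if record["tool"] not in policy["tools"]:
        findings.append("unknown_tool")
    elif record["tool"] == "http" and urlparse(record["target"]).hostname not in policy["hosts"]:
        findings.append("unknown_endpoint")
    elif record["tool"] == "fs" and not record["target"].startswith(policy["workspace"]):
        findings.append("path_outside_workspace")
    if record.get("bytes_out", 0) > policy["max_bytes_out"]:
        findings.append("excessive_egress")
    return findings

def triage(records, policy, quarantine_threshold=2):
    """Evaluate a window of calls; recommend quarantine once the number of
    distinct deviation types reaches the threshold (one odd call alerts, a pattern isolates)."""
    per_call = [evaluate(r, policy) for r in records]
    distinct = {f for fs in per_call for f in fs}
    return per_call, len(distinct) >= quarantine_threshold

if __name__ == "__main__":
    policy = learn_baseline(BASELINE)
    per_call, quarantine = triage(LIVE, policy)
    for rec, findings in zip(LIVE, per_call):
        print(f'{rec["tool"]:<4} {rec["target"]:<45} {", ".join(findings) or "ok"}')
    print("QUARANTINE agent-1" if quarantine else "no action")
```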

Sensor → Server → Dashboard

  ┌───────────────────────────────────────────────────────────────┐
  │                       AICM Architecture                       │
  └───────────────────────────────────────────────────────────────┘

  ┌─────────────┐    ┌─────────────┐    ┌─────────────┐
  │  Agent #1   │    │  Agent #2   │    │  Agent #N   │
  │ ┌─────────┐ │    │ ┌─────────┐ │    │ ┌─────────┐ │
  │ │ Sensor  │ │    │ │ Sensor  │ │    │ │ Sensor  │ │
  │ └────┬────┘ │    │ └────┬────┘ │    │ └────┬────┘ │
  └──────┼──────┘    └──────┼──────┘    └──────┼──────┘
         │                  │                  │
         └──────────────────┼──────────────────┘
                            │ HTTPS / mTLS
                            ▼
  ┌───────────────────────────────────────────────────────────────┐
  │                          AICM Server                          │
  │  ┌───────────────┐  ┌──────────────────┐  ┌────────────────┐  │
  │  │ Policy Engine │  │ Telemetry Ingest │  │ Quarantine Mgr │  │
  │  └───────────────┘  └──────────────────┘  └────────────────┘  │
  │  ┌─────────────────────────────────────────────────────────┐  │
  │  │                     FastAPI Backend                     │  │
  │  └─────────────────────────────────────────────────────────┘  │
  └───────────────────────────────────────────────────────────────┘
                            │
                            ▼
  ┌───────────────────────────────────────────────────────────────┐
  │  React Dashboard   │  Agent Status   │  Alerts  │  Telemetry  │
  └───────────────────────────────────────────────────────────────┘
◇ Use Cases Across AI

Who AICM Is For

AICM is designed for any team deploying AI agents in production — especially in regulated or high-stakes environments.

Financial Services
AI agents handling transactions, loan processing, or trading require security monitoring that meets regulatory standards. AICM provides the audit trail and quarantine capabilities compliance demands.
Construction & Federal
Agents managing scheduling, RFIs, or USACE compliance on government contracts need verifiable security. AICM monitors agent behavior against defined policy baselines.
Energy & Climate
Carbon tracking, ESG scoring, and grid management agents handling sensitive environmental data. AICM ensures data integrity and prevents unauthorized data exfiltration.
Aviation & Aerospace
Predictive maintenance and safety compliance agents where compromised output could affect flight safety. AICM enforces zero-trust monitoring at the agent level.
Defense & Logistics
Military and supply chain agents operating in adversarial environments. AICM's auto-quarantine prevents compromised agents from affecting operational decisions.
Any Production Agent
If you're deploying AI agents that access APIs, databases, credentials, or make decisions — AICM gives you visibility into what your agents are doing and stops them when they shouldn't.
◇ Why AICM

The Strategic Advantage

01
Open Source Builds Trust
Full source visibility. No black boxes. Developers and security teams can audit every line. MIT licensed — use it anywhere, for anything, forever.
02
Compliance-Ready
Built for regulated environments. Telemetry logging, audit trails, and policy enforcement give you the documentation compliance officers and auditors require.
03
Framework Agnostic
Works with any AI agent framework — LangChain, AutoGPT, CrewAI, custom agents, or Centriv's own vertical agents. Drop in a sensor and you're monitoring.
04
Auto-Quarantine
Don't just alert — act. AICM can automatically isolate compromised agents, preventing lateral movement and damage before your team even sees the alert.
05
Enterprise Pathway
Free OSS core with an enterprise upgrade path: SIEM integration, Postgres telemetry, PagerDuty alerts, mTLS encryption, and compliance reporting dashboards.
06
Battle-Tested Methodology
Built by a team with 40+ years of military and aviation safety methodology. The same risk management rigor from Naval Aviation Safety Officer School now applied to AI agent security.

Up and Running in 5 Minutes

1
Clone the Repository

Download AICM from GitHub.

git clone https://github.com/GReinhold-ai/aicm.git
cd aicm
2
Install Dependencies

AICM uses Python (FastAPI backend) and React (dashboard). Install the Python requirements first.

pip install -r requirements.txt
3
Start the AICM Server

Run the FastAPI server that receives telemetry from agent sensors and enforces policies.

# Development
uvicorn main:app --reload

# Production
gunicorn main:app -w 4 -k uvicorn.workers.UvicornWorker
4
Deploy a Sensor to Your Agent

Add the lightweight Python sensor to any AI agent. It monitors behavior and reports telemetry to the AICM server.

# Run once (for testing)
python agent_sensor.py --once

# Run as daemon (production)
python agent_sensor.py --server http://your-aicm-server:8000
5
Launch the Dashboard

View real-time agent status, alerts, and telemetry in the React dashboard. Or visit the live demo.

# Set up React dashboard
npm create vite@latest aicm-dashboard -- --template react
cp Dashboard.jsx aicm-dashboard/src/
cd aicm-dashboard && npm install && npm run dev

Or view the live dashboard: aicm-beta.vercel.app ↗

Production-Grade Agent Security

SIEM Integration
Forward agent telemetry to Splunk, Datadog, or any SIEM for unified security monitoring.
Postgres Telemetry Store
Persistent, queryable telemetry database for historical analysis, forensics, and compliance audits.
PagerDuty Alerts
Real-time alerting through PagerDuty, Slack, or webhooks when agents are compromised or quarantined.
mTLS Encryption
Mutual TLS between sensors and server — ensuring only authenticated agents can report telemetry.
Compliance Reporting
Pre-built reports for SOC 2, HIPAA, and federal compliance requirements for AI agent deployments.
Multi-Tenant Support
Manage agent fleets across multiple teams, environments, and clients from a single AICM instance.
◇ Get Started

Secure Your Agent Fleet

AICM is free, open source, and MIT licensed. Star the repo, deploy a sensor, and start monitoring your agents today.
