344 MIT rules merged into Microsoft Agent Governance Toolkit, Cisco AI Defense, MISP, OWASP. Microsoft Copilot SWE Agent uses ATR for CVE triage.
People
Updated 06/10/26 by grantmaking.ai
Project Details
SHORT SUMMARY
MIT-licensed open rule corpus for catching prompt injection, tool poisoning, agent manipulation and supply-chain attacks in live AI agents. Built solo in ~55 days, now at 344 production-validated rules. Already merged into Microsoft Agent Governance Toolkit and Cisco AI Defense, officially adopted by MISP (Taxonomy + Galaxy), and 100 of 113 MITRE ATLAS techniques mapped (88%).
FUNDING ASK
$30k–$50k for 6 months full-time work.
WHY THIS MATTERS
Pre-deployment evals can't catch every emergent behavior once agents are running in production. Runtime detection is basically the only control surface left.
I started ATR after seeing how fast distilled LLMs were being weaponized for information warfare here in Taiwan. The closed vendors have raised hundreds of millions but keep their rules proprietary. I believe an open, community-governed standard (like YARA for malware or Falco for cloud) is the only way safety improvements can actually spread to everyone.
Direct x-risk relevance: In scheming or takeover scenarios, misaligned agents will use exactly the attack patterns ATR is designed to catch in real time.
EMPIRICAL RESULTS
- 97.1% recall on NVIDIA garak (666 samples)
- 0.20% false positive rate on benign skills
- Scanned 96k+ production agent skills, catalogued 751 malicious instances
- 100% NIST AI RMF v2.1.0 mapping
PRODUCTION DEPLOYMENT
- Microsoft Agent Governance Toolkit (287 rules + weekly auto-sync)
- Cisco AI Defense (full rule pack)
- MISP Taxonomy + Galaxy (just merged this week)
MAINTAINER
I'm Adam Lin, based in Taiwan. No PhD, no institution — just a solo founder who pivoted from real estate, content marketing, and running Taiwan's longest-running hip-hop festival into AI agent security.
WHAT THE FUNDING ENABLES (6 months)
- Expand to 800+ rules with heavier multi-agent and frontier-model focus
- Complete OWASP, EU AI Act, ISO 42001 mappings
- Independent security audit
- Onboard 1–2 additional maintainers
- Keep pushing integrations (PyRIT, crewAI, etc.)
I'm currently self-funding from savings. This regrant would let me go full-time and lock ATR in as the open standard before the window closes.
Links
- Repo: github.com/Agent-Threat-Rule/agent-threat-rules
- Website: agentthreatrule.org
- MISP Galaxy (latest merge): github.com/MISP/misp-galaxy/pull/1207
Grants Received: no grants recorded