Lyrie
The autonomous security agent.
Pentests apps. Defends agents. Researches binaries. Trains itself. One daemon.
Install · Quick Start · Commands · ATP · Security
What's New in v3.1.0
- Memory Encryption: XChaCha20-Poly1305 implementation for sensitive threat data (@noble/ciphers)
- 7 New PoC Generators: prompt injection, auth bypass, CSRF, open redirect, race condition, secret exposure, XXE
- 3 New Deep Scanners: Rust analysis, taint engine, AI deep analysis
- UI Workspace Fix: Proper @lyrie/atp workspace resolution
- Expanded Test Suite: 1,737 tests passing across @lyrie/atp, @lyrie/core, @lyrie/gateway, @lyrie/mcp, @lyrie/ui
- New Security Modules: Domain verification, ML-based threat classifier, URL guardianship
- Fully backward compatible with v3.0.0; no migration required
See CHANGELOG.md for the complete list.
What is Lyrie?
Lyrie is an autonomous security agent built by OTT Cybersecurity LLC. It runs end-to-end pentests, red-teams LLM endpoints, scans code and live URLs, and ships with the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity.
Two installs, one tool:
| Component | Language | Install | What it does |
|---|---|---|---|
| lyrie-omega | Python | pip install lyrie-omega | CLI for scanning, pentesting, red-teaming, governance |
| @lyrie/atp | TypeScript/Node | npm install @lyrie/atp | Agent Trust Protocol SDK: cryptographic agent identity |
Install
```bash
# Option 1: one-line installer (installs both)
curl -sSL https://lyrie.ai/install.sh | bash

# Option 2: install separately
pip install lyrie-omega
npm install @lyrie/atp
```
After install:
```bash
lyrie init      # one-time setup wizard
lyrie doctor    # verify everything works
```
Quick Start
```bash
# Scan a live URL for security misconfigurations
lyrie scan https://app.example.com

# Run a 7-phase autonomous pentest
lyrie hack https://app.example.com
lyrie hack ./myapp                                  # local source tree
lyrie hack ./myapp --stage scan --output report.json

# AI red-team an LLM endpoint
lyrie redteam https://api.openai.com/v1/chat --strategy crescendo --dry-run

# Check CVSS score
lyrie cvss 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'

# Self-diagnostic
lyrie doctor
```
Commands
All 25 commands are real and tested. Run lyrie <command> --help for details.
Core security
```bash
lyrie hack <target>              # 7-phase autonomous pentest (URL or local path)
lyrie scan <target>              # Scan file/dir/URL for vulnerabilities
lyrie redteam <endpoint>         # AI red-team an LLM endpoint
lyrie cvss <vector>              # CVSS v3.1 scoring
lyrie exploit --cve <id>         # SMT-backed exploit feasibility
lyrie validate --target <url>    # Agentic exploitability validation
lyrie intel --repo <url>         # GitHub OSS forensics evidence collection
lyrie smt --check <expr>         # Z3 SMT solver interface
```
Binary analysis (Omega)
```bash
lyrie omega analyze <binary>     # Static binary analysis
lyrie omega rop <binary>         # ROP gadget search
lyrie omega smt <binary>         # SMT constraint analysis
lyrie omega replay <session>     # Replay recorded session
```
Identity & trust (ATP)
```bash
lyrie atp verify <agent-id>      # Verify agent identity + scope
lyrie atp badge --show           # Display compliance badge
lyrie atp receipt <session-id>   # Audit trail for a session
```
Operations
```bash
lyrie init                       # First-time setup wizard
lyrie doctor                     # Self-diagnostic (env, deps, keys, network)
lyrie auth setup                 # Configure API keys interactively
lyrie auth set --key NAME        # Set a specific key (prompts securely)
lyrie auth list                  # Show configured keys (redacted)
lyrie config show                # Show config file contents
lyrie config path                # Print config file path
```
Automation & lifecycle
```bash
lyrie daemon --threat-watch      # Continuous threat detection
lyrie service install            # Install as system service (launchd/systemd)
lyrie service status             # Service status
lyrie cron list                  # List scheduled jobs
lyrie cron add "*/5 * * * *" "lyrie scan https://example.com"
```
Governance & compliance
```bash
lyrie governance assess --interactive     # NIST AI RMF 8-question assessment
lyrie governance permissions tools.json   # Audit tool permissions for risk
lyrie tools audit                         # Risk assessment of installed tools
lyrie memory integrity-check              # Detect tampered memories
```
Self-improvement
```bash
lyrie evolve dream                   # Full cycle: score → extract → prune → summarize
lyrie evolve stats                   # Domain breakdown
lyrie evolve train --export atropos  # Export training data
```
Models & migration
```bash
lyrie models list                # List available LLM aliases
lyrie models route <task-type>   # Show routing decision (cyber, code, seo, trading)
lyrie models health              # Health-check all model providers
lyrie migrate --detect           # Auto-detect existing agent platforms
lyrie migrate --from openclaw    # Import from another platform
```
Skills
```bash
lyrie skills list                # List installed skills
lyrie skills search <query>      # Search skill library
lyrie skills install <skill-id>  # Install a skill
lyrie skills run <skill-id>      # Execute a skill
```
Capabilities
Autonomous pentesting (lyrie hack)
7-phase pipeline: recon → fingerprint → scan → exploit → PoC → report. Works on live URLs and local source trees. Outputs SARIF for GitHub Code Scanning.
URL security scan (lyrie scan <url>)
Checks every site for:
- Security headers (CSP, HSTS, X-Frame-Options, etc.)
- TLS version and cert expiry
- Common exposed paths (.env, .git/config, /admin, etc.)
- Server version disclosure
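The header-based checks in this list can be reproduced offline against a captured response. The following is an added example, not Lyrie's own scanner code: the function name, finding labels and the 180-day HSTS threshold are assumptions, and the sample responses are constructed.

```javascript
// Added sketch of the header checks listed above; Lyrie's own rules are not shown on this page.
const MIN_HSTS_SECONDS = 15552000; // assumption: 180 days as the minimum acceptable max-age

function auditResponseHeaders(rawHeaders) {
  // Header names are case-insensitive, so normalise before looking anything up.
  const h = {};
  for (const [name, value] of Object.entries(rawHeaders)) h[name.toLowerCase()] = String(value);
  const findings = [];

  const csp = h['content-security-policy'];
  if (!csp) findings.push('csp-missing');
  else if (/'unsafe-inline'|'unsafe-eval'/.test(csp)) findings.push('csp-unsafe-directive');

  const hsts = h['strict-transport-security'];
  const maxAge = hsts && /max-age="?(\d+)/i.exec(hsts);
  if (!hsts) findings.push('hsts-missing');
  else if (!maxAge || Number(maxAge[1]) < MIN_HSTS_SECONDS) findings.push('hsts-short-max-age');

  // Either X-Frame-Options or a CSP frame-ancestors directive restricts framing.
  const framed = h['x-frame-options'] || (csp && /frame-ancestors/i.test(csp));
  if (!framed) findings.push('framing-unrestricted');

  if ((h['x-content-type-options'] || '').toLowerCase() !== 'nosniff') findings.push('nosniff-missing');

  // A product token followed by a dotted number ("nginx/1.18.0") discloses the version.
  for (const name of ['server', 'x-powered-by']) {
    if (h[name] && /\d+\.\d+/.test(h[name])) findings.push(`version-disclosure:${name}`);
  }
  return findings;
}

// Constructed sample responses (not captured from any real site).
const WEAK_RESPONSE = {
  Server: 'nginx/1.18.0',
  'X-Powered-By': 'PHP/7.4.3',
  'Strict-Transport-Security': 'max-age=300',
};
const HARDENED_RESPONSE = {
  Server: 'nginx',
  'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'",
  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
  'X-Content-Type-Options': 'nosniff',
};

console.log(auditResponseHeaders(WEAK_RESPONSE));
console.log(auditResponseHeaders(HARDENED_RESPONSE));
```

The TLS and exposed-path checks need a live connection and are not covered by this sketch.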
AI red-teaming (lyrie redteam)
5 attack strategies against LLM endpoints:
- crescendo: gradual escalation
- tap: tree-of-attacks-with-pruning
- pair: prompt automatic iterative refinement
- gcg: gradient-based suffix attack (full: H200 required)
- autodan: genetic algorithm black-box (full: GPU required)
Agent Trust Protocol (ATP)
Open cryptographic standard for AI agent identity. Ed25519 signatures, delegation chains, revocation lists, multisig. Spec at atp.lyrie.ai. 143 tests passing.
Lyrie Shield (Rust)
Production-grade security engine: hash-signature scanning, heuristic analysis, WAF, rogue-AI detector. 31 tests passing.
ATP - Agent Trust Protocol
The first open cryptographic standard for AI agent identity. Think TLS for agents.
```typescript
import { issueCertificate, verifyAic } from '@lyrie/atp';

// agentPubKey, rootKey and trustAnchor are assumed to be defined by the caller.

// Issue a scoped certificate
const aic = await issueCertificate({
  subjectPublicKey: agentPubKey,
  scope: { tools: ['scan', 'read'], maxBudget: 100 },
  issuerPrivateKey: rootKey,
  ttlSeconds: 3600,
});

// Verify it
const result = await verifyAic(aic, trustAnchor);
if (result.valid) {
  // Agent is authorized
}
```
Full spec: atp.lyrie.ai · Whitepaper PDF
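To show what a verifier of a scoped, time-limited certificate has to check, here is an added example built on Node's built-in Ed25519 support. It is a simplified model and not the @lyrie/atp implementation or wire format: `canonical`, `issueDemoCert`, `verifyDemoCert`, the certificate fields and the reason strings are all hypothetical.

```javascript
// Added illustration: a simplified scoped-certificate model, not the @lyrie/atp wire format.
// Loads node:crypto whether this file runs as CommonJS or as an ES module.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto') : process.getBuiltinModule('node:crypto');

// Deterministic JSON (keys sorted) so signer and verifier process identical bytes.
function canonical(value) {
  if (Array.isArray(value)) return '[' + value.map(canonical).join(',') + ']';
  if (value && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Hypothetical issuer: binds subject key, scope and expiry under one Ed25519 signature.
function issueDemoCert({ subject, scope, ttlSeconds, issuerKey, now }) {
  const body = { subject, scope, notAfter: now + ttlSeconds };
  const sig = nodeCrypto.sign(null, Buffer.from(canonical(body)), issuerKey);
  return { body, sig: sig.toString('base64') };
}

// Hypothetical verifier: signature first, then expiry, then scope. Fails closed.
function verifyDemoCert(cert, trustAnchor, { tool, cost, now }) {
  let sigOk = false;
  try {
    sigOk = nodeCrypto.verify(null, Buffer.from(canonical(cert.body)), trustAnchor,
      Buffer.from(cert.sig, 'base64'));
  } catch { sigOk = false; }
  if (!sigOk) return { valid: false, reason: 'bad-signature' };
  if (now >= cert.body.notAfter) return { valid: false, reason: 'expired' };
  if (!cert.body.scope.tools.includes(tool)) return { valid: false, reason: 'tool-out-of-scope' };
  if (cost > cert.body.scope.maxBudget) return { valid: false, reason: 'over-budget' };
  return { valid: true, reason: 'ok' };
}

// Constructed scenario mirroring the snippet above: tools scan/read, budget 100, TTL 3600 s.
function demo() {
  const root = nodeCrypto.generateKeyPairSync('ed25519');
  const agent = nodeCrypto.generateKeyPairSync('ed25519');
  const subject = agent.publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
  const scope = { tools: ['scan', 'read'], maxBudget: 100 };
  const t0 = 1700000000; // constructed issue time (Unix seconds)
  const cert = issueDemoCert({ subject, scope, ttlSeconds: 3600, issuerKey: root.privateKey, now: t0 });
  const widened = { ...cert, body: { ...cert.body, scope: { ...scope, tools: ['scan', 'exploit'] } } };
  const check = (c, tool, now) => verifyDemoCert(c, root.publicKey, { tool, cost: 10, now }).reason;
  return { inScope: check(cert, 'scan', t0 + 60), outOfScope: check(cert, 'exploit', t0 + 60),
    expired: check(cert, 'scan', t0 + 3600), tampered: check(widened, 'exploit', t0 + 60) };
}
```

Calling `demo()` returns one reason per case; the widened certificate is rejected on its signature, so a holder cannot enlarge its own scope without the issuer's key.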
Configuration
```bash
# Interactive setup
lyrie auth setup

# Or set individual keys
lyrie auth set --key ANTHROPIC_API_KEY   # prompts securely (no shell history)
lyrie auth set --key OPENAI_API_KEY
lyrie auth set --key GITHUB_TOKEN

# View configured keys (redacted)
lyrie auth list
```
Keys are stored at ~/.lyrie/config.json with chmod 600 (user-only).
Known keys: ANTHROPIC_API_KEY, OPENAI_API_KEY, GITHUB_TOKEN, LYRIE_LICENSE_KEY, CODEQL_CLI, CODEQL_QUERIES.
Architecture
```
┌────────────────────────────────────────────────┐
│                   lyrie CLI                    │
│        (Python: lyrie-omega, this repo)        │
└────────────┬───────────────────────────────────┘
             │
   ┌─────────┴─────────┐
   ▼                   ▼
┌──────────┐    ┌──────────────┐
│  omega   │    │  @lyrie/atp  │
│  engine  │    │  (Node.js)   │
│ (Rust +  │    │              │
│ Python)  │    │  Ed25519     │
│          │    │  delegation  │
│ CodeQL,  │    │  revocation  │
│ SMT, ROP │    │  multisig    │
└──────────┘    └──────────────┘
```
- packages/atp/: TypeScript Agent Trust Protocol SDK (npm: @lyrie/atp)
- packages/omega-suite/: Python CLI + analysis engines (PyPI: lyrie-omega)
- packages/shield/: Rust security scanner (WAF + rogue-AI + threat scoring)
Quality
- ATP: 143 tests passing
- Core: 1,455 tests passing (memory, pentest, scanners, PoC-gen, threat-intel, providers)
- Gateway: 74 tests passing
- MCP: 12 tests passing
- UI: 53 tests passing
- Shield: 31 tests passing
- CLI: 25 commands, all functional
- Security audit: 39 findings closed (see SECURITY.md)
Links
- Platform: lyrie.ai
- ATP Spec: atp.lyrie.ai
- Research: research.lyrie.ai
- PyPI: pypi.org/project/lyrie-omega
- npm: npmjs.com/package/@lyrie/atp
- GitHub: github.com/OTT-Cybersecurity-LLC/lyrie-ai
- Twitter/X: @lyrie_ai
- Contact: [email protected]
Lyrie.ai - A project of OTT Cybersecurity LLC · Dubai, UAE
MIT License · ©2026