lyrie-ai

Name: lyrie-ai
Author: OTT-Cybersecurity-LLC

Verified

Lyrie.ai — The world's first autonomous AI cybersecurity agent. Built by OTT Cybersecurity LLC.

373stars

42forks

TypeScript

Installation

# Add to your Claude Code skills
git clone https://github.com/OTT-Cybersecurity-LLC/lyrie-ai

Getting Started

Guides for using ai agents skills like lyrie-ai.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportVerified

Last scanned: 5/14/2026

{
  "issues": [],
  "status": "PASSED",
  "scannedAt": "2026-05-14T06:47:11.121Z",
  "semgrepRan": false,
  "npmAuditRan": false,
  "pipAuditRan": true
}

README.md

Frequently Asked Questions

What is lyrie-ai?

lyrie-ai is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by OTT-Cybersecurity-LLC. Lyrie.ai — The world's first autonomous AI cybersecurity agent. Built by OTT Cybersecurity LLC. It has 373 GitHub stars.

Is lyrie-ai safe to use?

Yes. lyrie-ai passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.

How do I install lyrie-ai?

Clone the repository with "git clone https://github.com/OTT-Cybersecurity-LLC/lyrie-ai" and add it to your Claude Code skills directory (see the Installation section above).

What programming language is lyrie-ai written in?

lyrie-ai is primarily written in TypeScript. It is open-source under OTT-Cybersecurity-LLC on GitHub, so you can review or fork the full source.

Are there alternatives to lyrie-ai?

Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh lyrie-ai against similar tools.

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

ECC

by affaan-m

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

215,726

MCPSharp ai-collab-playbook

🛡️ Lyrie

The autonomous security agent.

Pentests apps. Defends agents. Researches binaries. Trains itself. One daemon.

Install · Quick Start · Commands · ATP · Security

🆕 What's New in v3.1.0

Memory Encryption: XChaCha20-Poly1305 implementation for sensitive threat data (@noble/ciphers)
7 New PoC Generators: prompt injection, auth bypass, CSRF, open redirect, race condition, secret exposure, XXE
3 New Deep Scanners: Rust analysis, taint engine, AI deep analysis
UI Workspace Fix: Proper @lyrie/atp workspace resolution
Expanded Test Suite: 1,737 tests passing across @lyrie/atp, @lyrie/core, @lyrie/gateway, @lyrie/mcp, @lyrie/ui
New Security Modules: Domain verification, ML-based threat classifier, URL guardianship
Fully backward compatible with v3.0.0 — no migration required

See CHANGELOG.md for the complete list.

What is Lyrie?

Lyrie is an autonomous security agent built by OTT Cybersecurity LLC. It runs end-to-end pentests, red-teams LLM endpoints, scans code and live URLs, and ships with the Agent Trust Protocol (ATP) — the first open cryptographic standard for AI agent identity.

Two installs, one tool:

Component	Language	Install	What it does
`lyrie-omega`	Python	`pip install lyrie-omega`	CLI for scanning, pentesting, red-teaming, governance
`@lyrie/atp`	TypeScript/Node	`npm install @lyrie/atp`	Agent Trust Protocol SDK — cryptographic agent identity

🚀 Install

# Option 1: one-line installer (installs both)
curl -sSL https://lyrie.ai/install.sh | bash

# Option 2: install separately
pip install lyrie-omega
npm install @lyrie/atp

After install:

lyrie init                  # one-time setup wizard
lyrie doctor                # verify everything works

⚡ Quick Start

# Scan a live URL for security misconfigurations
lyrie scan https://app.example.com

# Run a 7-phase autonomous pentest
lyrie hack https://app.example.com
lyrie hack ./myapp                          # local source tree
lyrie hack ./myapp --stage scan --output report.json

# AI red-team an LLM endpoint
lyrie redteam https://api.openai.com/v1/chat --strategy crescendo --dry-run

# Check CVSS score
lyrie cvss 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'

# Self-diagnostic
lyrie doctor

📋 Commands

All 25 commands are real and tested. Run lyrie <command> --help for details.

Core security

lyrie hack <target>              # 7-phase autonomous pentest (URL or local path)
lyrie scan <target>              # Scan file/dir/URL for vulnerabilities
lyrie redteam <endpoint>         # AI red-team an LLM endpoint
lyrie cvss <vector>              # CVSS v3.1 scoring
lyrie exploit --cve <id>         # SMT-backed exploit feasibility
lyrie validate --target <url>    # Agentic exploitability validation
lyrie intel --repo <url>         # GitHub OSS forensics evidence collection
lyrie smt --check <expr>         # Z3 SMT solver interface

Binary analysis (Omega)

lyrie omega analyze <binary>     # Static binary analysis
lyrie omega rop <binary>         # ROP gadget search
lyrie omega smt <binary>         # SMT constraint analysis
lyrie omega replay <session>     # Replay recorded session

Identity & trust (ATP)

lyrie atp verify <agent-id>      # Verify agent identity + scope
lyrie atp badge --show           # Display compliance badge
lyrie atp receipt <session-id>   # Audit trail for a session

Operations

lyrie init                       # First-time setup wizard
lyrie doctor                     # Self-diagnostic (env, deps, keys, network)
lyrie auth setup                 # Configure API keys interactively
lyrie auth set --key NAME        # Set a specific key (prompts securely)
lyrie auth list                  # Show configured keys (redacted)
lyrie config show                # Show config file contents
lyrie config path                # Print config file path

Automation & lifecycle

lyrie daemon --threat-watch      # Continuous threat detection
lyrie service install            # Install as system service (launchd/systemd)
lyrie service status             # Service status
lyrie cron list                  # List scheduled jobs
lyrie cron add "*/5 * * * *" "lyrie scan https://example.com"

Governance & compliance

lyrie governance assess --interactive     # NIST AI RMF 8-question assessment
lyrie governance permissions tools.json   # Audit tool permissions for risk
lyrie tools audit                         # Risk assessment of installed tools
lyrie memory integrity-check              # Detect tampered memories

Self-improvement

lyrie evolve dream               # Full cycle: score → extract → prune → summarize
lyrie evolve stats               # Domain breakdown
lyrie evolve train --export atropos       # Export training data

Models & migration

lyrie models list                # List available LLM aliases
lyrie models route <task-type>   # Show routing decision (cyber, code, seo, trading)
lyrie models health              # Health-check all model providers
lyrie migrate --detect           # Auto-detect existing agent platforms
lyrie migrate --from openclaw    # Import from another platform

Skills

lyrie skills list                # List installed skills
lyrie skills search <query>      # Search skill library
lyrie skills install <skill-id>  # Install a skill
lyrie skills run <skill-id>      # Execute a skill

🛡️ Capabilities

Autonomous pentesting (`lyrie hack`)

7-phase pipeline: recon → fingerprint → scan → exploit → PoC → report. Works on live URLs and local source trees. Outputs SARIF for GitHub Code Scanning.

URL security scan (`lyrie scan <url>`)

Checks every site for:

Security headers (CSP, HSTS, X-Frame-Options, etc.)
TLS version and cert expiry
Common exposed paths (.env, .git/config, /admin, etc.)
Server version disclosure

AI red-teaming (`lyrie redteam`)

5 attack strategies against LLM endpoints:

crescendo — gradual escalation
tap — tree-of-attacks-with-pruning
pair — prompt automatic iterative refinement
gcg — gradient-based suffix attack (full: H200 required)
autodan — genetic algorithm black-box (full: GPU required)

Agent Trust Protocol (ATP)

Open cryptographic standard for AI agent identity. Ed25519 signatures, delegation chains, revocation lists, multisig. Spec at atp.lyrie.ai. 143 tests passing.

Lyrie Shield (Rust)

Production-grade security engine: hash-signature scanning, heuristic analysis, WAF, rogue-AI detector. 31 tests passing.

🔐 ATP — Agent Trust Protocol

The first open cryptographic standard for AI agent identity. Think TLS for agents.

import { issueCertificate, verifyAic } from '@lyrie/atp';

// Issue a scoped certificate
const aic = await issueCertificate({
  subjectPublicKey: agentPubKey,
  scope: { tools: ['scan', 'read'], maxBudget: 100 },
  issuerPrivateKey: rootKey,
  ttlSeconds: 3600,
});

// Verify it
const result = await verifyAic(aic, trustAnchor);
if (result.valid) {
  // Agent is authorized
}

Full spec: atp.lyrie.ai · Whitepaper PDF

🔑 Configuration

# Interactive setup
lyrie auth setup

# Or set individual keys
lyrie auth set --key ANTHROPIC_API_KEY    # prompts securely (no shell history)
lyrie auth set --key OPENAI_API_KEY
lyrie auth set --key GITHUB_TOKEN

# View configured keys (redacted)
lyrie auth list

Keys are stored at ~/.lyrie/config.json with chmod 600 (user-only).

Known keys: ANTHROPIC_API_KEY, OPENAI_API_KEY, GITHUB_TOKEN, LYRIE_LICENSE_KEY, CODEQL_CLI, CODEQL_QUERIES.

🏗️ Architecture

┌─────────────────────────────────────────────────┐
│                  lyrie CLI                       │
│  (Python — lyrie-omega, this repo)               │
└────────────┬─────────────────────────────────────┘
             │
   ┌─────────┴─────────┐
   ▼                   ▼
┌──────────┐      ┌──────────────┐
│ omega    │      │  @lyrie/atp  │
│ engine   │      │  (Node.js)   │
│ (Rust +  │      │              │
│  Python) │      │  Ed25519     │
│          │      │  delegation  │
│ CodeQL,  │      │  revocation  │
│ SMT, ROP │      │  multisig    │
└──────────┘      └──────────────┘

packages/atp/ — TypeScript Agent Trust Protocol SDK (npm: @lyrie/atp)
packages/omega-suite/ — Python CLI + analysis engines (PyPI: lyrie-omega)
packages/shield/ — Rust security scanner (WAF + rogue-AI + threat scoring)

✅ Quality

ATP: 143 tests passing
Core: 1,455 tests passing (memory, pentest, scanners, PoC-gen, threat-intel, providers)
Gateway: 74 tests passing
MCP: 12 tests passing
UI: 53 tests passing
Shield: 31 tests passing
CLI: 25 commands, all functional
Security audit: 39 findings closed (see [SECURITY.md](SECURIT