Models on Producthunt daily

Prompt-Engineering-Guide

Tue, 14 Oct 2025 15:30:06 +0800

dair-ai/Prompt-Engineering-Guide

Prompt Engineering Guide

Announcements / Updates

🎓 We now offer self-paced prompt engineering courses under our DAIR.AI Academy. Join Now!
🎓 New course on Prompt Engineering for LLMs announced! Enroll here!
💼 We now offer several services like corporate training, consulting, and talks.
🌐 We now support 13 languages! Welcoming more translations.
👩‍🎓 We crossed 3 million learners in January 2024!
🎉 We have launched a new web version of the guide here
🔥 We reached #1 on Hacker News on 21 Feb 2023
🎉 The First Prompt Engineering Lecture went live here

Join our Discord

Subscribe to our YouTube

Subscribe to our Newsletter

Guides

You can also find the most up-to-date guides on our new website https://www.promptingguide.ai/.

Lecture

We have published a 1 hour lecture that provides a comprehensive overview of prompting techniques, applications, and tools.

Running the guide locally

To run the guide locally, for example to check the correct implementation of a new translation, you will need to:

Install Node >=18.0.0
Install pnpm if not present in your system. Check here for detailed instructions.
Install the dependencies: pnpm i next react react-dom nextra nextra-theme-docs
Boot the guide with pnpm dev
Browse the guide at http://localhost:3000/

Appearances

Some places where we have been featured:

Wall Street Journal - ChatGPT Can Give Great Answers. But Only If You Know How to Ask the Right Question
Forbes - Mom, Dad, I Want To Be A Prompt Engineer
Markettechpost - Best Free Prompt Engineering Resources (2023)

If you are using the guide for your work or research, please cite us as follows:

@article{Saravia_Prompt_Engineering_Guide_2022,
author = {Saravia, Elvis},
journal = {https://github.com/dair-ai/Prompt-Engineering-Guide},
month = {12},
title = {{Prompt Engineering Guide}},
year = {2022}
}

License

MIT License

Feel free to open a PR if you think something is missing here. Always welcome feedback and suggestions. Just open an issue!

cai

Thu, 25 Sep 2025 15:29:24 +0800

aliasrobotics/cai

Cybersecurity AI (`CAI`)

Cybersecurity AI (CAI) is a lightweight, open-source framework that empowers security professionals to build and deploy AI-powered offensive and defensive automation. CAI is the de facto framework for AI Security, already used by thousands of individual users and hundreds of organizations. Whether you’re a security researcher, ethical hacker, IT professional, or organization looking to enhance your security posture, CAI provides the building blocks to create specialized AI agents that can assist with mitigation, vulnerability discovery, exploitation, and security assessment.

Key Features:

🤖 300+ AI Models: Support for OpenAI, Anthropic, DeepSeek, Ollama, and more
🔧 Built-in Security Tools: Ready-to-use tools for reconnaissance, exploitation, and privilege escalation
🏆 Battle-tested: Proven in HackTheBox CTFs, bug bounties, and real-world security case studies
🎯 Agent-based Architecture: Modular framework design to build specialized agents for different security tasks
🛡️ Guardrails Protection: Built-in defenses against prompt injection and dangerous command execution
📚 Research-oriented: Research foundation to democratize cybersecurity AI for the community

[!NOTE] Read the technical report: CAI: An Open, Bug Bounty-Ready Cybersecurity AI

For further readings, refer to our impact and CAI citation sections.

`OT` - CAI and alias0 on: Ecoforest Heat Pumps	`Robotics` - CAI and alias0 on: Mobile Industrial Robots (MiR)
CAI discovers critical vulnerability in Ecoforest heat pumps allowing unauthorized remote access and potential catastrophic failures. AI-powered security testing reveals exposed credentials and DES encryption weaknesses affecting all of their deployed units across Europe.	CAI-powered security testing of MiR (Mobile Industrial Robot) platform through automated ROS message injection attacks. This study demonstrates how AI-driven vulnerability discovery can expose unauthorized access to robot control systems and alarm triggers.

`IT` (Web) - CAI and alias0 on: Mercado Libre’s e-commerce	`OT` - CAI and alias0 on: MQTT broker
CAI-powered API vulnerability discovery at Mercado Libre through automated enumeration attacks. This study demonstrates how AI-driven security testing can expose user data exposure risks in e-commerce platforms at scale.	CAI-powered testing exposed critical flaws in an MQTT broker within a Dockerized OT network. Without authentication, CAI subscribed to temperature and humidity topics and injected false values, corrupting data shown in Grafana dashboards.

[!WARNING] :warning: CAI is in active development, so don’t expect it to work flawlessly. Instead, contribute by raising an issue or sending a PR.

Access to this library and the use of information, materials (or portions thereof), is not intended, and is prohibited, where such access or use violates applicable laws or regulations. By no means the authors encourage or promote the unauthorized tampering with running systems. This can cause serious human harm and material damages.

By no means the authors of CAI encourage or promote the unauthorized tampering with compute systems. Please don’t use the source code in here for cybercrime. Pentest for good instead. By downloading, using, or modifying this source code, you agree to the terms of the LICENSE and the limitations outlined in the DISCLAIMER file.

:bookmark: Table of Contents

Cybersecurity AI (CAI)

🎯 Impact

🏆 Competitions and challenges

📊 Research Impact

Pioneered LLM-powered AI Security with PentestGPT, establishing the foundation for the Cybersecurity AI research domain
Established the Cybersecurity AI research line with 6 papers and technical reports, with active research collaborations
Demonstrated 3,600× performance improvement over human penetration testers in standardized CTF benchmark evaluations
Identified CVSS 4.3-7.5 severity vulnerabilities in production systems through automated security assessment
Democratization of AI-empowered vulnerability research: CAI enables both non-security domain experts and experienced researchers to conduct more efficient vulnerability discovery, expanding the security research community while empowering small and medium enterprises to conduct autonomous security assessments
Systematic evaluation of large language models across both proprietary and open-weight architectures, revealing substantial gaps between vendor-reported capabilities and empirical cybersecurity performance metrics
Established the autonomy levels in cybersecurity and argued about autonomy vs automation in the field
Collaborative research initiatives with international academic institutions focused on developing cybersecurity education curricula and training methodologies
Contributed a comprehensive defense framework against prompt injection in AI security agents: developed and empirically validated a multi-layered defense system that addresses the identified prompt injection issues
Explord the Cybersecurity of Humanoid Robots with CAI and identified new attack vectors showing how it (a) operates simultaneously as a covert surveillance node and (b) can be purposed as an active cyber operations platform

📚 Research products: `Cybersecurity AI`

CAI, An Open, Bug Bounty-Ready Cybersecurity AI	The Dangerous Gap Between Automation and Autonomy	CAI Fluency, A Framework for Cybersecurity AI Fluency

Hacking the AI Hackers via Prompt Injection	Humanoid Robots as Attack Vectors	The Cybersecurity of a Humanoid Robot

PoCs

CAI with `alias0` on ROS message injection attacks in MiR-100 robot	CAI with `alias0` on API vulnerability discovery at Mercado Libre

CAI on JWT@PortSwigger CTF — Cybersecurity AI	CAI on HackableII Boot2Root CTF — Cybersecurity AI

More case studies and PoCs are available at https://aliasrobotics.com/case-studies-robot-cybersecurity.php.

Motivation

:bust_in_silhouette: Why CAI?

The cybersecurity landscape is undergoing a dramatic transformation as AI becomes increasingly integrated into security operations. We predict that by 2028, AI-powered security testing tools will outnumber human pentesters. This shift represents a fundamental change in how we approach cybersecurity challenges. AI is not just another tool - it’s becoming essential for addressing complex security vulnerabilities and staying ahead of sophisticated threats. As organizations face more advanced cyber attacks, AI-enhanced security testing will be crucial for maintaining robust defenses.

This work builds upon prior efforts¹ and similarly, we believe that democratizing access to advanced cybersecurity AI tools is vital for the entire security community. That’s why we’re releasing Cybersecurity AI (CAI) as an open source framework. Our goal is to empower security researchers, ethical hackers, and organizations to build and deploy powerful AI-driven security tools. By making these capabilities openly available, we aim to level the playing field and ensure that cutting-edge security AI technology isn’t limited to well-funded private companies or state actors.

Bug Bounty programs have become a cornerstone of modern cybersecurity, providing a crucial mechanism for organizations to identify and fix vulnerabilities in their systems before they can be exploited. These programs have proven highly effective at securing both public and private infrastructure, with researchers discovering critical vulnerabilities that might have otherwise gone unnoticed. CAI is specifically designed to enhance these efforts by providing a lightweight, ergonomic framework for building specialized AI agents that can assist in various aspects of Bug Bounty hunting - from initial reconnaissance to vulnerability validation and reporting. Our framework aims to augment human expertise with AI capabilities, helping researchers work more efficiently and thoroughly in their quest to make digital systems more secure.

Ethical principles behind CAI

You might be wondering if releasing CAI in-the-wild given its capabilities and security implications is ethical. Our decision to open-source this framework is guided by two core ethical principles:

Democratizing Cybersecurity AI: We believe that advanced cybersecurity AI tools should be accessible to the entire security community, not just well-funded private companies or state actors. By releasing CAI as an open source framework, we aim to empower security researchers, ethical hackers, and organizations to build and deploy powerful AI-driven security tools, leveling the playing field in cybersecurity.
Transparency in AI Security Capabilities: Based on our research results, understanding of the technology, and dissection of top technical reports, we argue that current LLM vendors are undermining their cybersecurity capabilities. This is extremely dangerous and misleading. By developing CAI openly, we provide a transparent benchmark of what AI systems can actually do in cybersecurity contexts, enabling more informed decisions about security postures.

CAI is built on the following core principles:

Cybersecurity oriented AI framework: CAI is specifically designed for cybersecurity use cases, aiming at semi- and fully-automating offensive and defensive security tasks.
Open source, free for research: CAI is open source and free for research purposes. We aim at democratizing access to AI and Cybersecurity. For professional or commercial use, including on-premise deployments, dedicated technical support and custom extensions reach out to obtain a license.
Lightweight: CAI is designed to be fast, and easy to use.
Modular and agent-centric design: CAI operates on the basis of agents and agentic patterns, which allows flexibility and scalability. You can easily add the most suitable agents and pattern for your cybersecuritytarget case.
Tool-integration: CAI integrates already built-in tools, and allows the user to integrate their own tools with their own logic easily.
Logging and tracing integrated: using phoenix, the open source tracing and logging tool for LLMs. This provides the user with a detailed traceability of the agents and their execution.
Multi-Model Support: more than 300 supported and empowered by LiteLLM. The most popular providers:
- Anthropic: Claude 3.7, Claude 3.5, Claude 3, Claude 3 Opus
- OpenAI: O1, O1 Mini, O3 Mini, GPT-4o, GPT-4.5 Preview
- DeepSeek: DeepSeek V3, DeepSeek R1
- Ollama: Qwen2.5 72B, Qwen2.5 14B, etc

Closed-source alternatives

Cybersecurity AI is a critical field, yet many groups are misguidedly pursuing it through closed-source methods for pure economic return, leveraging similar techniques and building upon existing closed-source (often third-party owned) models. This approach not only squanders valuable engineering resources but also represents an economic waste and results in redundant efforts, as they often end up reinventing the wheel. Here are some of the closed-source initiatives we keep track of and attempting to leverage genAI and agentic frameworks in cybersecurity AI:

Learn - `CAI` Fluency

[!NOTE]

CAI Fluency technical report (arXiv:2508.13588) establishes formal educational frameworks for cybersecurity AI literacy.

	Description	English	Spanish
Episode 0: What is CAI?	Cybersecurity AI (`CAI`) explained
Episode 1: The `CAI` Framework	Vision & Ethics - Explore the core motivation behind CAI and delve into the crucial ethical principles guiding its development. Understand the motivation behind CAI and how you can actively contribute to the future of cybersecurity and the CAI framework.
Episode 2: From Zero to Cyber Hero	Breaking into Cybersecurity with AI - A comprehensive guide for complete beginners to become cybersecurity practitioners using CAI and AI tools. Learn how to leverage artificial intelligence to accelerate your cybersecurity learning journey, from understanding basic security concepts to performing real-world security assessments, all without requiring prior cybersecurity experience.
Episode 3: Vibe-Hacking Tutorial	“My first Hack” - A Vibe-Hacking guide for newbies. We demonstrate a simple web security hack using a default agent and show how to leverage tools and interpret CIA output with the help of the CAI Python API. You’ll also learn to compare different LLM models to find the best fit for your hacking endeavors.
Episode 4: Intro ReAct	The Evolution of LLMs - Learn how LLMs evolved from basic language models to advanced multiagency AI systems. From basic LLMs to Chain-of-Thought and Reasoning LLMs towards ReAct and Multi-Agent Architectures. Get to know the basic terms
Episode 5: CAI on CTF challenges	Dive into Capture The Flag (CTF) competitions using CAI. Learn how to leverage AI agents to solve various cybersecurity challenges including web exploitation, cryptography, reverse engineering, and forensics. Discover how to configure CAI for competitive hacking scenarios and maximize your CTF performance with intelligent automation.

Annex 1: `CAI` 0.5.x release	Introduce version 0.5 of `CAI` including new multi-agent functionality, new commands such as `/history`, `/compact`, `/graph` or `/memory` and a case study showing how `CAI` found a critical security flaw in OT heap pumps spread around the world.
Annex 2: `CAI` 0.4.x release and `alias0`	Introducing version 0.4 of `CAI` with streaming and improved MCP support. We also introduce `alias0`, the Privacy-First Cybersecurity AI, a Model-of-Models Intelligence that implements a Privacy-by-Design architecture and obtains state-of-the-art results in cybersecurity benchmarks.
Annex 3: Cybersecurity AI Community Meeting #1	First Cybersecurity AI (`CAI`) community meeting, over 40 participants from academia, industry, and defense gathered to discuss the open-source scaffolding behind CAI — a project designed to build agentic AI systems for cybersecurity that are open, modular, and Bug Bounty-ready.

:nut_and_bolt: Install

`1`	`pip install cai-framework`

Always create a new virtual environment to ensure proper dependency installation when updating CAI.

The following subsections provide a more detailed walkthrough on selected popular Operating Systems. Refer to the Development section for developer-related install instructions.

OS X

brew update && \
    brew install git python@3.12

# Create virtual environment
python3.12 -m venv cai_env

# Install the package from the local directory
source cai_env/bin/activate && pip install cai-framework

# Generate a .env file and set up with defaults
echo -e 'OPENAI_API_KEY="sk-1234"\nANTHROPIC_API_KEY=""\nOLLAMA=""\nPROMPT_TOOLKIT_NO_CPR=1\nCAI_STREAM=false' > .env

# Launch CAI
cai  # first launch it can take up to 30 seconds

Ubuntu 24.04

sudo apt-get update && \
    sudo apt-get install -y git python3-pip python3.12-venv

# Create the virtual environment
python3.12 -m venv cai_env

# Install the package from the local directory
source cai_env/bin/activate && pip install cai-framework

# Generate a .env file and set up with defaults
echo -e 'OPENAI_API_KEY="sk-1234"\nANTHROPIC_API_KEY=""\nOLLAMA=""\nPROMPT_TOOLKIT_NO_CPR=1\nCAI_STREAM=false' > .env

# Launch CAI
cai  # first launch it can take up to 30 seconds

Ubuntu 20.04

sudo apt-get update && \
    sudo apt-get install -y software-properties-common

# Fetch Python 3.12
sudo add-apt-repository ppa:deadsnakes/ppa && sudo apt update
sudo apt install python3.12 python3.12-venv python3.12-dev -y

# Create the virtual environment
python3.12 -m venv cai_env

# Install the package from the local directory
source cai_env/bin/activate && pip install cai-framework

# Generate a .env file and set up with defaults
echo -e 'OPENAI_API_KEY="sk-1234"\nANTHROPIC_API_KEY=""\nOLLAMA=""\nPROMPT_TOOLKIT_NO_CPR=1\nCAI_STREAM=false' > .env

# Launch CAI
cai  # first launch it can take up to 30 seconds

Windows WSL

Go to the Microsoft page: https://learn.microsoft.com/en-us/windows/wsl/install. Here you will find all the instructions to install WSL

From Powershell write: wsl –install


sudo apt-get update && \
    sudo apt-get install -y git python3-pip python3-venv

# Create the virtual environment
python3 -m venv cai_env

# Install the package from the local directory
source cai_env/bin/activate && pip install cai-framework

# Generate a .env file and set up with defaults
echo -e 'OPENAI_API_KEY="sk-1234"\nANTHROPIC_API_KEY=""\nOLLAMA=""\nPROMPT_TOOLKIT_NO_CPR=1\nCAI_STREAM=false' > .env

# Launch CAI
cai  # first launch it can take up to 30 seconds

Android

We recommend having at least 8 GB of RAM:

First of all, install userland https://play.google.com/store/apps/details?id=tech.ula&hl=es
Install Kali minimal in basic options (for free). [Or any other kali option if preferred]
Update apt keys like in this example: https://superuser.com/questions/1644520/apt-get-update-issue-in-kali, inside UserLand’s Kali terminal execute

# Get new apt keys
wget http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2024.1_all.deb

# Install new apt keys
sudo dpkg -i kali-archive-keyring_2024.1_all.deb && rm kali-archive-keyring_2024.1_all.deb

# Update APT repository
sudo apt-get update

# CAI requieres python 3.12, lets install it (CAI for kali in Android)
sudo apt-get update && sudo apt-get install -y git python3-pip build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev wget libbz2-dev pkg-config
wget https://www.python.org/ftp/python/3.12.4/Python-3.12.4.tar.xz
tar xf Python-3.12.4.tar.xz
cd ./configure --enable-optimizations
sudo make altinstall # This command takes long to execute

# Clone CAI's source code
git clone https://github.com/aliasrobotics/cai && cd cai

# Create virtual environment
python3.12 -m venv cai_env

# Install the package from the local directory
source cai_env/bin/activate && pip3 install -e .

# Generate a .env file and set up
cp .env.example .env  # edit here your keys/models

# Launch CAI
cai

:nut_and_bolt: Setup `.env` file

CAI leverages the .env file to load configuration at launch. To facilitate the setup, the repo provides an exemplary .env.example file provides a template for configuring CAI’s setup and your LLM API keys to work with desired LLM models.

:warning: Important:

CAI does NOT provide API keys for any model by default. Don’t ask us to provide keys, use your own or host your own models.

:warning: Note:

The OPENAI_API_KEY must not be left blank. It should contain either “sk-123” (as a placeholder) or your actual API key. See https://github.com/aliasrobotics/cai/issues/27.

:warning: Note:

If you are using alias0 model, make sure that CAI is >0.4.0 version and here you have an .env example to be able to use it.

OPENAI_API_KEY="sk-1234"
OLLAMA=""
ALIAS_API_KEY="<sk-your-key>"  # note, add yours
CAI_STEAM=False

🔹 Custom OpenAI Base URL Support

CAI supports configuring a custom OpenAI API base URL via the OPENAI_BASE_URL environment variable. This allows users to redirect API calls to a custom endpoint, such as a proxy or self-hosted OpenAI-compatible service.

Example .env entry configuration:

`1`	`OLLAMA_API_BASE="https://custom-openai-proxy.com/v1"`

Or directly from the command line:

`1`	`OLLAMA_API_BASE="https://custom-openai-proxy.com/v1" cai`

:triangular_ruler: Architecture:

CAI focuses on making cybersecurity agent coordination and execution lightweight, highly controllable, and useful for humans. To do so it builds upon 8 pillars: Agents, Tools, Handoffs, Patterns, Turns, Tracing, Guardrails and HITL.

                  ┌───────────────┐           ┌───────────┐
                  │      HITL     │◀─────────▶│   Turns   │
                  └───────┬───────┘           └───────────┘
                          │
                          ▼
┌───────────┐       ┌───────────┐       ┌───────────┐      ┌───────────┐
│  Patterns │◀─────▶│  Handoffs │◀────▶ │   Agents  │◀────▶│    LLMs   │
└───────────┘       └─────┬─────┘       └─────┬─────┘      └───────────┘
                          │                   │
                          │                   ▼
┌────────────┐       ┌────┴──────┐       ┌───────────┐     ┌────────────┐
│ Extensions │◀─────▶│  Tracing  │       │   Tools   │◀───▶│ Guardrails │
└────────────┘       └───────────┘       └───────────┘     └────────────┘
                                              │
                          ┌─────────────┬─────┴────┬─────────────┐
                          ▼             ▼          ▼             ▼
                    ┌───────────┐┌───────────┐┌────────────┐┌───────────┐
                    │ LinuxCmd  ││ WebSearch ││    Code    ││ SSHTunnel │
                    └───────────┘└───────────┘└────────────┘└───────────┘

If you want to dive deeper into the code, check the following files as a start point for using CAI:

init.py
cli.py - entrypoint for command line interface
util.py - utility functions
agents - Agent implementations
internal - CAI internal functions (endpoints, metrics, logging, etc.)
prompts - Agent Prompt Database
repl - CLI aesthetics and commands
sdk - CAI command sdk
tools - agent tools

🔹 Agent

At its core, CAI abstracts its cybersecurity behavior via Agents and agentic Patterns. An Agent in an intelligent system that interacts with some environment. More technically, within CAI we embrace a robotics-centric definition wherein an agent is anything that can be viewed as a system perceiving its environment through sensors, reasoning about its goals and and acting accordingly upon that environment through actuators (adapted from Russel & Norvig, AI: A Modern Approach). In cybersecurity, an Agent interacts with systems and networks, using peripherals and network interfaces as sensors, reasons accordingly and then executes network actions as if actuators. Correspondingly, in CAI, Agents implement the ReACT (Reasoning and Action) agent model². For more information, see the example here for the full execution code, and refer to this jupyter notebook for a tutorial on how to use it.

from cai.sdk.agents import Agent, Runner, OpenAIChatCompletionsModel

import os
from openai import AsyncOpenAI
from dotenv import load_dotenv
load_dotenv()

agent = Agent(
      name="Custom Agent",
      instructions="""You are a Cybersecurity expert Leader""",
      model=OpenAIChatCompletionsModel(
          model=os.getenv('CAI_MODEL', "openai/gpt-4o"),
          openai_client=AsyncOpenAI(),
          )
      )

message = "Tell me about recursion in programming."
result = await Runner.run(agent, message)

🔹 Tools

Tools let cybersecurity agents take actions by providing interfaces to execute system commands, run security scans, analyze vulnerabilities, and interact with target systems and APIs - they are the core capabilities that enable CAI agents to perform security tasks effectively; in CAI, tools include built-in cybersecurity utilities (like LinuxCmd for command execution, WebSearch for OSINT gathering, Code for dynamic script execution, and SSHTunnel for secure remote access), function calling mechanisms that allow integration of any Python function as a security tool, and agent-as-tool functionality that enables specialized security agents (such as reconnaissance or exploit agents) to be used by other agents, creating powerful collaborative security workflows without requiring formal handoffs between agents. For more information, please refer to the example here for the complete configuration of custom functions.

from cai.sdk.agents import Agent, Runner, OpenAIChatCompletionsModel
from cai.tools.reconnaissance.exec_code import execute_code
from cai.tools.reconnaissance.generic_linux_command import generic_linux_command

import os
from openai import AsyncOpenAI
from dotenv import load_dotenv
load_dotenv()

agent = Agent(
      name="Custom Agent",
      instructions="""You are a Cybersecurity expert Leader""",
      tools= [
        generic_linux_command,
        execute_code
      ],
      model=OpenAIChatCompletionsModel(
          model=os.getenv('CAI_MODEL', "openai/gpt-4o"),
          openai_client=AsyncOpenAI(),
          )
      )

message = "Tell me about recursion in programming."
result = await Runner.run(agent, message)

You may find different tools. They are grouped in 6 major categories inspired by the security kill chain ³:

Reconnaissance and weaponization - reconnaissance (crypto, listing, etc)
Exploitation - exploitation
Privilege escalation - escalation
Lateral movement - lateral
Data exfiltration - exfiltration
Command and control - control

🔹 Handoffs

Handoffs allow an Agent to delegate tasks to another agent, which is crucial in cybersecurity operations where specialized expertise is needed for different phases of an engagement. In our framework, Handoffs are implemented as tools for the LLM, where a handoff/transfer function like transfer_to_flag_discriminator enables the ctf_agent to pass control to the flag_discriminator_agent once it believes it has found the flag. This creates a security validation chain where the first agent handles exploitation and flag discovery, while the second agent specializes in flag verification, ensuring proper segregation of duties and leveraging specialized capabilities of different models for distinct security tasks. For more information, please refer to the example here for the full execution code.

from cai.sdk.agents import function_tool
from cai.tools.common import run_command
from cai.sdk.agents import Agent, OpenAIChatCompletionsModel, HandoffInputData, Runner, function_tool, handoff, trace
from cai.sdk.agents.extensions import handoff_filters

import os
from openai import AsyncOpenAI
from dotenv import load_dotenv
load_dotenv()

@function_tool
def execute_cli_command(command: str) -> str:
    return run_command(command)

flag_discriminator = Agent(
    name="Flag discriminator",
    description="Agent focused on extracting the flag from the output",
    instructions="You are an agent tailored to extract the flag from a given output.",
    model=OpenAIChatCompletionsModel(
        model=os.getenv('CAI_MODEL', "qwen2.5:14b"),
        openai_client=AsyncOpenAI(),
    ) 
)

ctf_agent = Agent(
    name="CTF agent",
    description="Agent focused on conquering security challenges",
    instructions="You are a Cybersecurity expert Leader facing a CTF",
    tools=[
        execute_cli_command,
    ],
    model=OpenAIChatCompletionsModel(
        model= os.getenv('CAI_MODEL', "qwen2.5:14b"),
        openai_client=AsyncOpenAI(),
    ), 
    handoffs = [flag_discriminator]
)

🔹 Patterns

An agentic Pattern is a structured design paradigm in artificial intelligence systems where autonomous or semi-autonomous agents operate within a defined interaction framework (the pattern) to achieve a goal. These Patterns specify the organization, coordination, and communication methods among agents, guiding decision-making, task execution, and delegation.

An agentic pattern (AP) can be formally defined as a tuple:

\[ AP = (A, H, D, C, E) \]

wherein:

\(A\) (Agents): A set of autonomous entities, \( A = \{a_1, a_2, …, a_n\} \), each with defined roles, capabilities, and internal states.
\(H\) (Handoffs): A function \( H: A \times T \to A \) that governs how tasks \( T \) are transferred between agents based on predefined logic (e.g., rules, negotiation, bidding).
\(D\) (Decision Mechanism): A decision function \( D: S \to A \) where \( S \) represents system states, and \( D \) determines which agent takes action at any given time.
\(C\) (Communication Protocol): A messaging function \( C: A \times A \to M \), where \( M \) is a message space, defining how agents share information.
\(E\) (Execution Model): A function \( E: A \times I \to O \) where \( I \) is the input space and \( O \) is the output space, defining how agents perform tasks.

When building Patterns, we generall y classify them among one of the following categories, though others exist:

Agentic `Pattern` categories	Description
`Swarm` (Decentralized)	Agents share tasks and self-assign responsibilities without a central orchestrator. Handoffs occur dynamically. An example of a peer-to-peer agentic pattern is the `CTF Agentic Pattern`, which involves a team of agents working together to solve a CTF challenge with dynamic handoffs.
`Hierarchical`	A top-level agent (e.g., “PlannerAgent”) assigns tasks via structured handoffs to specialized sub-agents. Alternatively, the structure of the agents is harcoded into the agentic pattern with pre-defined handoffs.
`Chain-of-Thought` (Sequential Workflow)	A structured pipeline where Agent A produces an output, hands it to Agent B for reuse or refinement, and so on. Handoffs follow a linear sequence. An example of a chain-of-thought agentic pattern is the `ReasonerAgent`, which involves a Reasoning-type LLM that provides context to the main agent to solve a CTF challenge with a linear sequence.⁴
`Auction-Based` (Competitive Allocation)	Agents “bid” on tasks based on priority, capability, or cost. A decision agent evaluates bids and hands off tasks to the best-fit agent.
`Recursive`	A single agent continuously refines its own output, treating itself as both executor and evaluator, with handoffs (internal or external) to itself. An example of a recursive agentic pattern is the `CodeAgent` (when used as a recursive agent), which continuously refines its own output by executing code and updating its own instructions.

For more information and examples of common agentic patterns, see the examples folder.

🔹 Turns and Interactions

During the agentic flow (conversation), we distinguish between interactions and turns.

Interactions are sequential exchanges between one or multiple agents. Each agent executing its logic corresponds with one interaction. Since an Agent in CAI generally implements the ReACT agent model², each interaction consists of 1) a reasoning step via an LLM inference and 2) act by calling zero-to-n Tools. This is defined inprocess_interaction() in core.py.
Turns: A turn represents a cycle of one ore more interactions which finishes when the Agent (or Pattern) executing returns None, judging there’re no further actions to undertake. This is defined in run(), see core.py.

[!NOTE] CAI Agents are not related to Assistants in the Assistants API. They are named similarly for convenience, but are otherwise completely unrelated. CAI is entirely powered by the Chat Completions API and is hence stateless between calls.

🔹 Tracing

CAI implements AI observability by adopting the OpenTelemetry standard and to do so, it leverages Phoenix which provides comprehensive tracing capabilities through OpenTelemetry-based instrumentation, allowing you to monitor and analyze your security operations in real-time. This integration enables detailed visibility into agent interactions, tool usage, and attack vectors throughout penetration testing workflows, making it easier to debug complex exploitation chains, track vulnerability discovery processes, and optimize agent performance for more effective security assessments.

🔹 Guardrails

Guardrails provide a critical security layer for CAI agents, protecting against prompt injection attacks and preventing execution of dangerous commands. These guardrails run in parallel to agents, validating both input and output to ensure safe operation. The framework includes:

Input Guardrails: Detect and block prompt injection attempts before they reach agents, using pattern matching, Unicode homograph detection, and AI-powered analysis
Output Guardrails: Validate agent outputs before execution, preventing dangerous commands like reverse shells, fork bombs, or data exfiltration
Multi-layered Defense: Protection at input, processing, and execution stages with tool-level validation
Base64/Base32 Aware: Automatically decodes and analyzes encoded payloads to detect hidden malicious commands
Configurable: Can be enabled/disabled via CAI_GUARDRAILS environment variable

For detailed implementation, see docs/guardrails.md and docs/cai_prompt_injection.md.

🔹 Human-In-The-Loop (HITL)

                      ┌─────────────────────────────────┐
                      │                                 │
                      │      Cybersecurity AI (CAI)     │
                      │                                 │
                      │       ┌─────────────────┐       │
                      │       │  Autonomous AI  │       │
                      │       └────────┬────────┘       │
                      │                │                │
                      │                │                │
                      │       ┌────────▼─────────┐      │
                      │       │ HITL Interaction │      │
                      │       └────────┬─────────┘      │
                      │                │                │
                      └────────────────┼────────────────┘
                                       │
                                       │ Ctrl+C (cli.py)
                                       │
                           ┌───────────▼───────────┐
                           │   Human Operator(s)   │
                           │  Expertise | Judgment │
                           │    Teleoperation      │
                           └───────────────────────┘

CAI delivers a framework for building Cybersecurity AIs with a strong emphasis on semi-autonomous operation, as the reality is that fully-autonomous cybersecurity systems remain premature and face significant challenges when tackling complex tasks. While CAI explores autonomous capabilities, we recognize that effective security operations still require human teleoperation providing expertise, judgment, and oversight in the security process.

Accordingly, the Human-In-The-Loop (HITL) module is a core design principle of CAI, acknowledging that human intervention and teleoperation are essential components of responsible security testing. Through the cli.py interface, users can seamlessly interact with agents at any point during execution by simply pressing Ctrl+C. This is implemented across core.py and also in the REPL abstractions REPL.

:rocket: Quickstart

To start CAI after installing it, just type cai in the CLI:

└─# cai

          CCCCCCCCCCCCC      ++++++++   ++++++++      IIIIIIIIII
       CCC::::::::::::C  ++++++++++       ++++++++++  I::::::::I
     CC:::::::::::::::C ++++++++++         ++++++++++ I::::::::I
    C:::::CCCCCCCC::::C +++++++++    ++     +++++++++ II::::::II
   C:::::C       CCCCCC +++++++     +++++     +++++++   I::::I
  C:::::C                +++++     +++++++     +++++    I::::I
  C:::::C                ++++                   ++++    I::::I
  C:::::C                 ++                     ++     I::::I
  C:::::C                  +   +++++++++++++++   +      I::::I
  C:::::C                    +++++++++++++++++++        I::::I
  C:::::C                     +++++++++++++++++         I::::I
   C:::::C       CCCCCC        +++++++++++++++          I::::I
    C:::::CCCCCCCC::::C         +++++++++++++         II::::::II
     CC:::::::::::::::C           +++++++++           I::::::::I
       CCC::::::::::::C             +++++             I::::::::I
          CCCCCCCCCCCCC               ++              IIIIIIIIII

                      Cybersecurity AI (CAI), vX.Y.Z
                          Bug bounty-ready AI

CAI>

That should initialize CAI and provide a prompt to execute any security task you want to perform. The navigation bar at the bottom displays important system information. This information helps you understand your environment while working with CAI.

Here’s a quick demo video to help you get started with CAI. We’ll walk through the basic steps — from launching the tool to running your first AI-powered task in the terminal. Whether you’re a beginner or just curious, this guide will show you how easy it is to begin using CAI.

From here on, type on CAI and start your security exercise. Best way to learn is by example:

Environment Variables

For using private models, you are given a .env.example file. Copy it and rename it as .env. Fill in your corresponding API keys, and you are ready to use CAI.

List of Environment Variables

Variable	Description
CTF_NAME	Name of the CTF challenge to run (e.g. “picoctf_static_flag”)
CTF_CHALLENGE	Specific challenge name within the CTF to test
CTF_SUBNET	Network subnet for the CTF container
CTF_IP	IP address for the CTF container
CTF_INSIDE	Whether to conquer the CTF from within container
CAI_MODEL	Model to use for agents
CAI_DEBUG	Set debug output level (0: Only tool outputs, 1: Verbose debug output, 2: CLI debug output)
CAI_BRIEF	Enable/disable brief output mode
CAI_MAX_TURNS	Maximum number of turns for agent interactions
CAI_TRACING	Enable/disable OpenTelemetry tracing
CAI_AGENT_TYPE	Specify the agents to use (boot2root, one_tool…)
CAI_STATE	Enable/disable stateful mode
CAI_MEMORY	Enable/disable memory mode (episodic, semantic, all)
CAI_MEMORY_ONLINE	Enable/disable online memory mode
CAI_MEMORY_OFFLINE	Enable/disable offline memory
CAI_ENV_CONTEXT	Add dirs and current env to llm context
CAI_MEMORY_ONLINE_INTERVAL	Number of turns between online memory updates
CAI_PRICE_LIMIT	Price limit for the conversation in dollars
CAI_REPORT	Enable/disable reporter mode (ctf, nis2, pentesting)
CAI_SUPPORT_MODEL	Model to use for the support agent
CAI_SUPPORT_INTERVAL	Number of turns between support agent executions
CAI_WORKSPACE	Defines the name of the workspace
CAI_WORKSPACE_DIR	Specifies the directory path where the workspace is located
CAI_GUARDRAILS	Enable/disable guardrails for prompt injection protection (default: true)

OpenRouter Integration

The Cybersecurity AI (CAI) platform offers seamless integration with OpenRouter, a unified interface for Large Language Models (LLMs). This integration is crucial for users who wish to leverage advanced AI capabilities in their cybersecurity tasks. OpenRouter acts as a bridge, allowing CAI to communicate with various LLMs, thereby enhancing the flexibility and power of the AI agents used within CAI.

To enable OpenRouter support in CAI, you need to configure your environment by adding specific entries to your .env file. This setup ensures that CAI can interact with the OpenRouter API, facilitating the use of sophisticated models like Meta-LLaMA. Here’s how you can configure it:

CAI_AGENT_TYPE=redteam_agent
CAI_MODEL=openrouter/meta-llama/llama-4-maverick
OPENROUTER_API_KEY=<sk-your-key>  # note, add yours
OPENROUTER_API_BASE=https://openrouter.ai/api/v1

Azure OpenAI

The Cybersecurity AI (CAI) platform integrates seamlessly with Azure OpenAI, enabling organizations to run CAI against enterprise-hosted models (e.g., gpt-4o). This pathway is ideal for teams that must operate within Azure governance while leveraging advanced model capabilities. To enable Azure OpenAI support in CAI, configure your environment by adding the following entries to your .env. This ensures CAI can reach your Azure deployment endpoint and authenticate correctly.

CAI_AGENT_TYPE=redteam_agent
CAI_MODEL=azure/<model-name-deployed>
# Required: keep non-empty even when using Azure
OPENAI_API_KEY=dummy
# Azure credentials and endpoint
AZURE_API_KEY=<your-azure-openai-key>
AZURE_API_BASE=https://<resource>.openai.azure.com/openai/deployments/<deployment-name>/chat/completions?api-version=2025-01-01-preview

MCP

CAI supports the Model Context Protocol (MCP) for integrating external tools and services with AI agents. MCP is supported via two transport mechanisms:

SSE (Server-Sent Events) - For web-based servers that push updates over HTTP connections:

`1`	`CAI>/mcp load http://localhost:9876/sse burp`

STDIO (Standard Input/Output) - For local inter-process communication:

`1`	`CAI>/mcp load stdio myserver python mcp_server.py`

Once connected, you can add the MCP tools to any agent:

CAI>/mcp add burp redteam_agent
Adding tools from MCP server 'burp' to agent 'Red Team Agent'...
                                 Adding tools to Red Team Agent
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Tool                              ┃ Status ┃ Details                                         ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ send_http_request                 │ Added  │ Available as: send_http_request                 │
│ create_repeater_tab               │ Added  │ Available as: create_repeater_tab               │
│ send_to_intruder                  │ Added  │ Available as: send_to_intruder                  │
│ url_encode                        │ Added  │ Available as: url_encode                        │
│ url_decode                        │ Added  │ Available as: url_decode                        │
│ base64encode                      │ Added  │ Available as: base64encode                      │
│ base64decode                      │ Added  │ Available as: base64decode                      │
│ generate_random_string            │ Added  │ Available as: generate_random_string            │
│ output_project_options            │ Added  │ Available as: output_project_options            │
│ output_user_options               │ Added  │ Available as: output_user_options               │
│ set_project_options               │ Added  │ Available as: set_project_options               │
│ set_user_options                  │ Added  │ Available as: set_user_options                  │
│ get_proxy_http_history            │ Added  │ Available as: get_proxy_http_history            │
│ get_proxy_http_history_regex      │ Added  │ Available as: get_proxy_http_history_regex      │
│ get_proxy_websocket_history       │ Added  │ Available as: get_proxy_websocket_history       │
│ get_proxy_websocket_history_regex │ Added  │ Available as: get_proxy_websocket_history_regex │
│ set_task_execution_engine_state   │ Added  │ Available as: set_task_execution_engine_state   │
│ set_proxy_intercept_state         │ Added  │ Available as: set_proxy_intercept_state         │
│ get_active_editor_contents        │ Added  │ Available as: get_active_editor_contents        │
│ set_active_editor_contents        │ Added  │ Available as: set_active_editor_contents        │
└───────────────────────────────────┴────────┴─────────────────────────────────────────────────┘
Added 20 tools from server 'burp' to agent 'Red Team Agent'.
CAI>/agent 13
CAI>Create a repeater tab

You can list all active MCP connections and their transport types:

`1`	`CAI>/mcp list`

https://github.com/user-attachments/assets/386a1fd3-3469-4f84-9396-2a5236febe1f

Development

Development is facilitated via VS Code dev. environments. To try out our development environment, clone the repository, open VS Code and enter de dev. container mode:

Contributions

If you want to contribute to this project, use Pre-commit before your MR

1
2
3

pip install pre-commit
pre-commit # files staged
pre-commit run --all-files # all files

Optional Requirements: caiextensions

Currently, the extensions are not publicly available as the engineering endeavour to maintain them is significant. Instead, we’re making selected custom caiextensions available for partner companies across collaborations.

:information_source: Usage Data Collection

CAI is provided free of charge for researchers. To improve CAI’s detection accuracy and publish open security research, instead of payment for research use cases, we ask you to contribute to the CAI community by allowing usage data collection. This data helps us identify areas for improvement, understand how the framework is being used, and prioritize new features. Legal basis of data collection is under Art. 6 (1)(f) GDPR — CAI’s legitimate interest in maintaining and improving security tooling, with Art. 89 safeguards for research. The collected data includes:

Basic system information (OS type, Python version)
Username and IP information
Tool usage patterns and performance metrics
Model interactions and token usage statistics

We take your privacy seriously and only collect what’s needed to make CAI better. For further info, reach out to research＠aliasrobotics.com. You can disable some of the data collection features via the CAI_TELEMETRY environment variable but we encourage you to keep it enabled and contribute back to research:

`1`	`CAI_TELEMETRY=False cai`

Reproduce CI-Setup locally

To simulate the CI/CD pipeline, you can run the following in the Gitlab runner machines:

docker run --rm -it \
  --privileged \
  --network=exploitflow_net \
  --add-host="host.docker.internal:host-gateway" \
  -v /cache:/cache \
  -v /var/run/docker.sock:/var/run/docker.sock:rw \
  registry.gitlab.com/aliasrobotics/alias_research/cai:latest bash

FAQ

OLLAMA is giving me 404 errors

Ollama’s API in OpenAI mode uses /v1/chat/completions whereas the openai library uses base_url + /chat/completions.

We adopt the latter for overall alignment with the gen AI community and empower the former by allowing users to add the v1 themselves via:

`1`	`OLLAMA_API_BASE=http://IP:PORT/v1`

See the following issues that treat this topic in more detail:

Where are all the caiextensions?

See all caiextensions

How do I install the report caiextension?

See here

How do I set up SSH access for Gitlab?

Generate a new SSH key

`1`	`ssh-keygen -t ed25519`

Add the key to the SSH agent

`1`	`ssh-add ~/.ssh/id_ed25519`

Add the public key to Gitlab Copy the key and add it to Gitlab under https://gitlab.com/-/user_settings/ssh_keys

`1`	`cat ~/.ssh/id_ed25519.pub`

To verify it:

1
2

ssh -T git@gitlab.com
Welcome to GitLab, @vmayoral!

How do I clear Python cache?

`1`	`find . -name "*.pyc" -delete && find . -name "__pycache__" -delete`

If host networking is not working with ollama check whether it has been disabled in Docker because you are not signed in

Docker in OS X behaves funny sometimes. Check if the following message has shown up:

Host networking has been disabled because you are not signed in. Please sign in to enable it.

Make sure this has been addressed and also that the Dev Container is not forwarding the 8000 port (click on x, if necessary in the ports section).

To verify connection, from within the VSCode devcontainer:

`1`	`curl -v http://host.docker.internal:8000/api/version`

Run CAI against any target

The starting user prompt in this case is: Target IP: 192.168.3.10, perform a full network scan.

The agent started performing a nmap scan. You could either interact with the agent and give it more instructions, or let it run to see what it explores next.

How do I interact with the agent? Type twice CTRL + C

If you want to use the HITL mode, you can do it by presssing twice Ctrl + C. This will allow you to interact (prompt) with the agent whenever you want. The agent will not lose the previous context, as it is stored in the history variable, which is passed to it and any agent that is called. This enables any agent to use the previous information and be more accurate and efficient.

Can I change the model while CAI is running? /model

Use /model to change the model.

How can I list all the agents available? /agent

Use /agent to list all the agents available.

Where can I list all the environment variables? /config

How to know more about the CLI? /help

How can I trace the whole execution?

The environment variable `CAI_TRACING` allows the user to set it to `CAI_TRACING=true` to enable tracing, or `CAI_TRACING=false` to disable it. When CAI is prompted by the first time, the user is provided with two paths, the execution log, and the tracing log.

Can I expand CAI capabilities using previous run logs?

Yes. Today CAI performs best by relying on In‑Context Learning (ICL). Rather than building long‑term stores, the recommended workflow is to load relevant prior logs directly into the current session so the model can reason with them in context.

Use the /load command to bring JSONL logs into CAI’s context (this replaces the legacy memory-loading tool):

CAI>/load logs/cai_20250408_111856.jsonl         # Load into current agent
CAI>/load <file> agent <name>                    # Load into a specific agent
CAI>/load <file> all                             # Distribute across all agents
CAI>/load <file> parallel                        # Match to configured parallel agents
# Tip: if you omit <file>, /load uses `logs/last`. Alias: /l

CAI prints the path to the current run’s JSONL log at startup (highlighted in orange), which you can pass to /load:

Legacy notes: earlier “memory extension” mechanisms (episodic/semantic stores and offline ingestion) are retained for reference only. See src/cai/agents/memory.py for background and legacy details. Our current direction prioritizes ICL over persistent memory.

Can I expand CAI capabilities using scripts or extra information?

Currently, CAI supports text based information. You can add any extra information on the target you are facing by copy-pasting it directly into the system or user prompt.

How? By adding it to the system (system_master_template.md) or the user prompt (user_master_template.md). You can always directly prompt the path to the model, and it will cat it.

How CAI licence works?

CAI’s current license does not restrict usage for research purposes. You are free to use CAI for security assessments (pentests), to develop additional features, and to integrate it into your research activities, as long as you comply with local laws.

If you or your organization start benefiting commercially from CAI (e.g., offering pentesting services powered by CAI), then a commercial license will be required to help sustain the project.

CAI itself is not a profit-seeking initiative. Our goal is to build a sustainable open-source project. We simply ask that those who profit from CAI contribute back and support our ongoing development.

I get a `Unable to locate package python3.12-venv` when installing the prerequisites on my debian based system!

The easiest way to get around this is to simply install python3.12 from source.

Citation

If you want to cite our work, please use the following:

@misc{mayoralvilches2025caiopenbugbountyready,
      title={CAI: An Open, Bug Bounty-Ready Cybersecurity AI},
      author={Víctor Mayoral-Vilches and Luis Javier Navarrete-Lozano and María Sanz-Gómez and Lidia Salas Espejo and Martiño Crespo-Álvarez and Francisco Oca-Gonzalez and Francesco Balassone and Alfonso Glera-Picón and Unai Ayucar-Carbajo and Jon Ander Ruiz-Alcalde and Stefan Rass and Martin Pinzger and Endika Gil-Uriarte},
      year={2025},
      eprint={2504.06017},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2504.06017},
}

@misc{mayoralvilches2025cybersecurityaidangerousgap,
      title={Cybersecurity AI: The Dangerous Gap Between Automation and Autonomy}, 
      author={Víctor Mayoral-Vilches},
      year={2025},
      eprint={2506.23592},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2506.23592}, 
}

@misc{mayoralvilches2025caifluencyframeworkcybersecurity,
      title={CAI Fluency: A Framework for Cybersecurity AI Fluency}, 
      author={Víctor Mayoral-Vilches and Jasmin Wachter and Cristóbal R. J. Veas Chavez and Cathrin Schachner and Luis Javier Navarrete-Lozano and María Sanz-Gómez},
      year={2025},
      eprint={2508.13588},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2508.13588}, 
}

@misc{mayoralvilches2025cybersecurityaihackingai,
      title={Cybersecurity AI: Hacking the AI Hackers via Prompt Injection}, 
      author={Víctor Mayoral-Vilches and Per Mannermaa Rynning},
      year={2025},
      eprint={2508.21669},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2508.21669}, 
}

Acknowledgements

CAI was initially developed by Alias Robotics and co-funded by the European EIC accelerator project RIS (GA 101161136) - HORIZON-EIC-2023-ACCELERATOR-01 call. The original agentic principles are inspired from OpenAI’s swarm library and translated into newer prototypes. This project also makes use of other relevant open source building blocks including LiteLLM, and phoenix

Academic Collaborations

CAI benefits from ongoing research collaborations with academic institutions. Researchers interested in collaborative projects, dataset access, or academic licenses should contact research@aliasrobotics.com. We provide special support for:

PhD research projects
Academic benchmarking studies
Security education initiatives
Open-source contributions from research labs

Deng, G., Liu, Y., Mayoral-Vilches, V., Liu, P., Li, Y., Xu, Y., … & Rass, S. (2024). {PentestGPT}: Evaluating and harnessing large language models for automated penetration testing. In 33rd USENIX Security Symposium (USENIX Security 24) (pp. 847-864). ↩︎
Yao, S., Zhao, J., Yu, D., Du, N., Shafran, I., Narasimhan, K., & Cao, Y. (2023, January). React: Synergizing reasoning and acting in language models. In International Conference on Learning Representations (ICLR). ↩︎ ↩︎
Kamhoua, C. A., Leslie, N. O., & Weisman, M. J. (2018). Game theoretic modeling of advanced persistent threat in internet of things. Journal of Cyber Security and Information Systems. ↩︎
Arguably, the Chain-of-Thought agentic pattern is a special case of the Hierarchical agentic pattern. ↩︎

vllm

Fri, 08 Aug 2025 15:39:19 +0800

vllm-project/vllm

Easy, fast, and cheap LLM serving for everyone

Latest News 🔥

[2025/05] We hosted NYC vLLM Meetup! Please find the meetup slides here.
[2025/05] vLLM is now a hosted project under PyTorch Foundation! Please find the announcement here.
[2025/04] We hosted Asia Developer Day! Please find the meetup slides from the vLLM team here.
[2025/01] We are excited to announce the alpha release of vLLM V1: A major architectural upgrade with 1.7x speedup! Clean code, optimized execution loop, zero-overhead prefix caching, enhanced multimodal support, and more. Please check out our blog post here.

Previous News

[2025/03] We hosted vLLM x Ollama Inference Night! Please find the meetup slides from the vLLM team here.
[2025/03] We hosted the first vLLM China Meetup! Please find the meetup slides from vLLM team here.
[2025/03] We hosted the East Coast vLLM Meetup! Please find the meetup slides here.
[2025/02] We hosted the ninth vLLM meetup with Meta! Please find the meetup slides from vLLM team here and AMD here. The slides from Meta will not be posted.
[2025/01] We hosted the eighth vLLM meetup with Google Cloud! Please find the meetup slides from vLLM team here, and Google Cloud team here.
[2024/12] vLLM joins pytorch ecosystem! Easy, Fast, and Cheap LLM Serving for Everyone!
[2024/11] We hosted the seventh vLLM meetup with Snowflake! Please find the meetup slides from vLLM team here, and Snowflake team here.
[2024/10] We have just created a developer slack (slack.vllm.ai) focusing on coordinating contributions and discussing features. Please feel free to join us there!
[2024/10] Ray Summit 2024 held a special track for vLLM! Please find the opening talk slides from the vLLM team here. Learn more from the talks from other vLLM contributors and users!
[2024/09] We hosted the sixth vLLM meetup with NVIDIA! Please find the meetup slides here.
[2024/07] We hosted the fifth vLLM meetup with AWS! Please find the meetup slides here.
[2024/07] In partnership with Meta, vLLM officially supports Llama 3.1 with FP8 quantization and pipeline parallelism! Please check out our blog post here.
[2024/06] We hosted the fourth vLLM meetup with Cloudflare and BentoML! Please find the meetup slides here.
[2024/04] We hosted the third vLLM meetup with Roblox! Please find the meetup slides here.
[2024/01] We hosted the second vLLM meetup with IBM! Please find the meetup slides here.
[2023/10] We hosted the first vLLM meetup with a16z! Please find the meetup slides here.
[2023/08] We would like to express our sincere gratitude to Andreessen Horowitz (a16z) for providing a generous grant to support the open-source development and research of vLLM.
[2023/06] We officially released vLLM! FastChat-vLLM integration has powered LMSYS Vicuna and Chatbot Arena since mid-April. Check out our blog post.

About

vLLM is a fast and easy-to-use library for LLM inference and serving.

Originally developed in the Sky Computing Lab at UC Berkeley, vLLM has evolved into a community-driven project with contributions from both academia and industry.

vLLM is fast with:

State-of-the-art serving throughput
Efficient management of attention key and value memory with PagedAttention
Continuous batching of incoming requests
Fast model execution with CUDA/HIP graph
Quantizations: GPTQ, AWQ, AutoRound, INT4, INT8, and FP8
Optimized CUDA kernels, including integration with FlashAttention and FlashInfer
Speculative decoding
Chunked prefill

vLLM is flexible and easy to use with:

Seamless integration with popular Hugging Face models
High-throughput serving with various decoding algorithms, including parallel sampling, beam search, and more
Tensor, pipeline, data and expert parallelism support for distributed inference
Streaming outputs
OpenAI-compatible API server
Support NVIDIA GPUs, AMD CPUs and GPUs, Intel CPUs and GPUs, PowerPC CPUs, TPU, and AWS Neuron
Prefix caching support
Multi-LoRA support

vLLM seamlessly supports most popular open-source models on HuggingFace, including:

Transformer-like LLMs (e.g., Llama)
Mixture-of-Expert LLMs (e.g., Mixtral, Deepseek-V2 and V3)
Embedding Models (e.g., E5-Mistral)
Multi-modal LLMs (e.g., LLaVA)

Find the full list of supported models here.

Getting Started

Install vLLM with pip or from source:

`1`	`pip install vllm`

Visit our documentation to learn more.

Contributing

We welcome and value any contributions and collaborations. Please check out Contributing to vLLM for how to get involved.

Citation

If you use vLLM for your research, please cite our paper:

@inproceedings{kwon2023efficient,
  title={Efficient Memory Management for Large Language Model Serving with PagedAttention},
  author={Woosuk Kwon and Zhuohan Li and Siyuan Zhuang and Ying Sheng and Lianmin Zheng and Cody Hao Yu and Joseph E. Gonzalez and Hao Zhang and Ion Stoica},
  booktitle={Proceedings of the ACM SIGOPS 29th Symposium on Operating Systems Principles},
  year={2023}
}

Contact Us

For technical questions and feature requests, please use GitHub Issues or Discussions
For discussing with fellow users, please use the vLLM Forum
For coordinating contributions and development, please use Slack
For security disclosures, please use GitHub’s Security Advisories feature
For collaborations and partnerships, please contact us at vllm-questions@lists.berkeley.edu

Media Kit

If you wish to use vLLM’s logo, please refer to our media kit repo

open_deep_research

Tue, 22 Jul 2025 15:33:16 +0800

langchain-ai/open_deep_research

Open Deep Research

Deep research has broken out as one of the most popular agent applications. This is a simple, configurable, fully open source deep research agent that works across many model providers, search tools, and MCP servers.

Read more in our blog
See our video for a quick overview

🚀 Quickstart

Clone the repository and activate a virtual environment:

git clone https://github.com/langchain-ai/open_deep_research.git
cd open_deep_research
uv venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate

Install dependencies:

`1`	`uv pip install -r pyproject.toml`

Set up your .env file to customize the environment variables (for model selection, search tools, and other configuration settings):

`1`	`cp .env.example .env`

Launch the assistant with the LangGraph server locally to open LangGraph Studio in your browser:

1
2

# Install dependencies and start the LangGraph server
uvx --refresh --from "langgraph-cli[inmem]" --with-editable . --python 3.11 langgraph dev --allow-blocking

Use this to open the Studio UI:

1
2
3

- 🚀 API: http://127.0.0.1:2024
- 🎨 Studio UI: https://smith.langchain.com/studio/?baseUrl=http://127.0.0.1:2024
- 📚 API Docs: http://127.0.0.1:2024/docs

Ask a question in the messages input field and click Submit.

Configurations

Open Deep Research offers extensive configuration options to customize the research process and model behavior. All configurations can be set via the web UI, environment variables, or by modifying the configuration directly.

General Settings

Max Structured Output Retries (default: 3): Maximum number of retries for structured output calls from models when parsing fails
Allow Clarification (default: true): Whether to allow the researcher to ask clarifying questions before starting research
Max Concurrent Research Units (default: 5): Maximum number of research units to run concurrently using sub-agents. Higher values enable faster research but may hit rate limits

Research Configuration

Search API (default: Tavily): Choose from Tavily (works with all models), OpenAI Native Web Search, Anthropic Native Web Search, or None
Max Researcher Iterations (default: 3): Number of times the Research Supervisor will reflect on research and ask follow-up questions
Max React Tool Calls (default: 5): Maximum number of tool calling iterations in a single researcher step

Models

Open Deep Research uses multiple specialized models for different research tasks:

Summarization Model (default: openai:gpt-4.1-nano): Summarizes research results from search APIs
Research Model (default: openai:gpt-4.1): Conducts research and analysis
Compression Model (default: openai:gpt-4.1-mini): Compresses research findings from sub-agents
Final Report Model (default: openai:gpt-4.1): Writes the final comprehensive report

All models are configured using init_chat_model() API which supports providers like OpenAI, Anthropic, Google Vertex AI, and others.

Important Model Requirements:

Structured Outputs: All models must support structured outputs. Check support here.
Search API Compatibility: Research and Compression models must support your selected search API:
- Anthropic search requires Anthropic models with web search capability
- OpenAI search requires OpenAI models with web search capability
- Tavily works with all models
Tool Calling: All models must support tool calling functionality
Special Configurations:
- For OpenRouter: Follow this guide
- For local models via Ollama: See setup instructions

Example MCP (Model Context Protocol) Servers

Open Deep Research supports MCP servers to extend research capabilities.

Local MCP Servers

Filesystem MCP Server provides secure file system operations with robust access control:

Read, write, and manage files and directories
Perform operations like reading file contents, creating directories, moving files, and searching
Restrict operations to predefined directories for security
Support for both command-line configuration and dynamic MCP roots

Example usage:

`1`	`mcp-server-filesystem /path/to/allowed/dir1 /path/to/allowed/dir2`

Remote MCP Servers

Remote MCP servers enable distributed agent coordination and support streamable HTTP requests. Unlike local servers, they can be multi-tenant and require more complex authentication.

Arcade MCP Server Example:

{
  "url": "https://api.arcade.dev/v1/mcps/ms_0ujssxh0cECutqzMgbtXSGnjorm",
  "tools": ["Search_SearchHotels", "Search_SearchOneWayFlights", "Search_SearchRoundtripFlights"]
}

Remote servers can be configured as authenticated or unauthenticated and support JWT-based authentication through OAuth endpoints.

Evaluation

A comprehensive batch evaluation system designed for detailed analysis and comparative studies.

Features:

Multi-dimensional Scoring: Specialized evaluators with 0-1 scale ratings
Dataset-driven Evaluation: Batch processing across multiple test cases

Usage:

1
2

# Run comprehensive evaluation on LangSmith datasets
python tests/run_evaluate.py

Key Files:

tests/run_evaluate.py: Main evaluation script
tests/evaluators.py: Specialized evaluator functions
tests/prompts.py: Evaluation prompts for each dimension

Deployments and Usages

LangGraph Studio

Follow the quickstart to start LangGraph server locally and test the agent out on LangGraph Studio.

Hosted deployment

You can easily deploy to LangGraph Platform.

Open Agent Platform

Open Agent Platform (OAP) is a UI from which non-technical users can build and configure their own agents. OAP is great for allowing users to configure the Deep Researcher with different MCP tools and search APIs that are best suited to their needs and the problems that they want to solve.

We’ve deployed Open Deep Research to our public demo instance of OAP. All you need to do is add your API Keys, and you can test out the Deep Researcher for yourself! Try it out here

You can also deploy your own instance of OAP, and make your own custom agents (like Deep Researcher) available on it to your users.

Updates 🔥

Legacy Implementations 🏛️

The src/legacy/ folder contains two earlier implementations that provide alternative approaches to automated research:

1. Workflow Implementation (`legacy/graph.py`)

Plan-and-Execute: Structured workflow with human-in-the-loop planning
Sequential Processing: Creates sections one by one with reflection
Interactive Control: Allows feedback and approval of report plans
Quality Focused: Emphasizes accuracy through iterative refinement

2. Multi-Agent Implementation (`legacy/multi_agent.py`)

Supervisor-Researcher Architecture: Coordinated multi-agent system
Parallel Processing: Multiple researchers work simultaneously
Speed Optimized: Faster report generation through concurrency
MCP Support: Extensive Model Context Protocol integration

See src/legacy/legacy.md for detailed documentation, configuration options, and usage examples for both legacy implementations.

rl-swarm

Sat, 28 Jun 2025 15:28:05 +0800

gensyn-ai/rl-swarm

RL Swarm

RL Swarm is a peer-to-peer system for reinforcement learning. It allows you to train models collaboratively with others in the swarm, leveraging their collective intelligence. It is open source and permissionless, meaning you can run it on a consumer laptop at home or on a powerful GPU in the cloud. You can also connect your model to the Gensyn Testnet to receive an on-chain identity that tracks your progress over time.

Currently, we are running the reasoning-gym swarm on the Testnet. This swarm is designed to train models to solve a diverse set of reasoning tasks using the reasoning-gym dataset. The current list of default models includes:

Models:

Gensyn/Qwen2.5-0.5B-Instruct
Qwen/Qwen3-0.6B
nvidia/AceInstruct-1.5B
dnotitia/Smoothie-Qwen3-1.7B
Gensyn/Qwen2.5-1.5B-Instruct

This iteration of rl-swarm is powered by the GenRL-Swarm library. It is a fully composable framework for decentralized reinforcement learning which enables users to create and customize their own swarms for reinforcement learning with multi-agent multi-stage environments.

Requirements

Your hardware requirements will vary depending on a number of factors including model size and the accelerator platform you use. Users running large NVIDIA GPU will be assigned a model from the large model pool, while users running less powerful hardware will be assigned a model from the small model pool. This design decision is intended to allow users to advance at a similar rate regardless of the hardware they use, maximizing their utility to the swarm.

Supported Hardware

arm64 or x86 CPU with minimum 32gb ram (note that if you run other applications during training it might crash training).

CUDA devices (officially supported):
- RTX 3090
- RTX 4090
- RTX 5090
- A100
- H100

With either configuration, you will need Python >=3.10 (for Mac, you will likely need to upgrade).

⚠️ Please read before continuing ⚠️

This software is experimental and provided as-is for users who are interested in using (or helping to develop) an early version of the Gensyn Protocol for training models.

If you care about on-chain participation, you must read the Identity Management section below.

If you encounter issues, please first check Troubleshooting. If you cannot find a solution there, please check if there is an open (or closed) Issue. If there is no relevant issue, please file one and include 1) all relevant logs, 2) information about your device (e.g. which GPU, if relevant), and 3) your operating system information.

Instructions

Run the Swarm

The easiest way to run RL Swarm is using Docker. This ensures a consistent setup across all operating systems with minimal dependencies.

1. Clone this repo

`1`	`git clone https://github.com/gensyn-ai/rl-swarm`

2. Install Docker

Make sure you have Docker installed and the Docker daemon is running on your machine. To do that, follow these instructions according to your OS. Ensure you allot sufficient memory to the Docker containers. For example if using Docker Desktop, this can be done by going to Docker Desktop Settings > Resources > Advanced > Memory Limit, and increasing it to the maximum possible value.

3. Start the Swarm

Run the following commands from the root of the repository.

CPU support

If you’re using a Mac or if your machine has CPU-only support:

`1`	`docker-compose run --rm --build -Pit swarm-cpu`

GPU support

If you’re using a machine with an officially supported GPU:

`1`	`docker-compose run --rm --build -Pit swarm-gpu`

Docker compose issue

If docker-compose does not work when running the above commands, please try docker compose (no hyphen) instead. I.e. docker compose run --rm --build -Pit swarm-gpu. This issue sometimes occurs on users running Ubuntu.

Experimental (advanced) mode

If you want to experiment with the GenRL-Swarm library and its configurable parameters, we recommend you run RL Swarm via shell script:

1
2
3

python3 -m venv .venv
source .venv/bin/activate
./run_rl_swarm.sh

To learn more about experimental mode, check out our getting started guide.

A browser window will pop open (you’ll need to manually navigate to http://localhost:3000/ if you’re on a VM).
Click ’login'.
Login with your preferred method.

Huggingface

If you would like to upload your model to Hugging Face, enter your Hugging Face access token when prompted. You can generate one from your Hugging Face account, under Access Tokens.

Initial peering and training

From this stage onward your device will begin training. You should see your peer register and vote on-chain here.

You can also track your training progress in real time:

On The RL-Swarm Dashboard: dashboard.gensyn.ai

Identity management

Introduction

On-chain identity is managed via an Alchemy modal sign-in screen. You need to supply an email address or login via a supported method (e.g. Google). This creates an EOA public/private key (which are stored by Alchemy). You will also receive local session keys in the userApiKey. Note that these aren’t your EOA public/private keys.

During the initial set-up process, you will also create a swarm.pem file which maintains the identity of your peer. This is then registered on chain using the EOA wallet hosted in Alchemy, triggered using your local api keys. This links the swarm.pem to the email address (and corresponding EOA in Alchemy).

If you want to link multiple nodes to a single EOA, simply sign up each node using the same email address. You will get a new peer ID for each node, however they will all be linked to the same EOA that your email is linked to.

Please note: if you are using a fork of this repo, or a service organised by someone else (e.g. a ‘one click deployment’ provider) the identity management flow below is not guaranteed.

What this means

In the following two scenarios, everything will work (i.e. you will have an on-chain identity linked with your RL Swarm peer training):

The very first time you run the node from scratch with a new email address. The smart account will be created fresh and linked with the swarm.pem that is also fresh.
If you run it again with a swarm.pem AND login the original email address used with that swarm.pem. Note: this will throw an error into the log on registration but will still be able to sign transactions.

In the following two scenarios, it will not work (i.e. you won’t have an on-chain identity linked with your RL Swarm peer training):

If you keep your swarm.pem and try to link it to an email address distinct from the one with which it was first registered.

Therefore, you should do these actions in the following scenarios

Signed up with email address, generated swarm.pem, BUT lost swarm.pem OR You want to run multiple nodes at once: run from scratch with the same email address and generate a new swarm.pem.
Signed up with email address, generated swarm.pem, kept swarm.pem -> you can re-run a single node using this pair if you’ve still got them both.

Troubleshooting

How do I find my logs? You can find them inside the /logs directory:
- yarn.log: This file contains logs for the modal login server.
- swarm.log: This is the main log file for the RL Swarm application.
- wandb/: This directory contains various logs related to your training runs, including a debug.log file. These can be updated to Weights & Biases (only available if you log_with wandb).
My peer ‘skipped a round’: this occurs when your device isn’t fast enough to keep up with the pace of the swarm. For example, if you start training at round 100 and by the time you finish training the rest of the swarm reaches round 102, you will skip round 101 and go straight to 102. This is because your peer is more valuable if it is participating in the active round.
My model doesn’t seem to be training?
- If you’re using a consumer device (e.g. a MacBook), it is likely just running slowly - check back in 20 minutes.
Logging in with a new account after previous login?
- Make sure you click ‘Logout’ on the login screen before you leave your previous session
- Make sure you delete swarm.pem from the root directory (try sudo rm swarm.pem). If you don’t do this, and you previously registered with the peer-id stored in this file, it will disrupt the training process.
Issues with the Login screen
- Upgrade viem: some users report issues with the viem package. There are two fixes:
  - in the modal-login/package.json update: "viem": "2.25.0"
  - in the terminal cd /root/rl-swarm/modal-login/ && yarn upgrade && yarn add next@latest && yarn add viem@latest
I’m getting lots of warnings
- This is expected behaviour and usually the output of the package managers or other dependencies. The most common is the below Protobuf warning - which can be ignored
  1
  
  WARNING: The candidate selected for download or install is a yanked version: 'protobuf' candidate...
Issues on VMs/VPSs?
- How do I access the login screen if I’m running in a VM?: port forwarding. Add this SSH flag: -L 3000:localhost:3000 when connecting to your VM. E.g. gcloud compute ssh --zone "us-central1-a" [your-vm] --project [your-project] -- -L 3000:localhost:3000. Note, some VPSs may not work with rl-swarm. Check the Gensyn discord for up-to-date information on this.
- Disconnection/general issues: If you are tunneling to a VM and suffer a broken pipe, you will likely encounter OOM or unexpected behaviour the first time you relaunch the script. If you control + c and kill the script it should spin down all background processes. Restart the script and everything should work normally.
Issues with npm/general installation?
- Try npm install -g node@latest
OOM errors on MacBook?
- Try this (experimental) fix to increase memory:
  1
  
  export PYTORCH_MPS_HIGH_WATERMARK_RATIO=0.0
I have a Windows machine, can I still train a model on the swarm?: Yes - but this is not very well tested and may require you to do some debugging to get it set up properly. Install WSL and Linux on your Windows machine using the following instructions: https://learn.microsoft.com/en-us/windows/wsl/install
I want to move my to a different machine and/or restart with a fresh build of the repo, but I want my animal name/peer id to persist.: To achieve this simply backup the swarm.pem file on your current machine and then put it in the corresponding location on your new machine/build of the repo.
I have multiple GPUs on one machine, can I run multiple peers?: Yes - but you’ll need to manually change things. You’ll need to isolate each GPU, install this repo for each GPU, and expose each peer under a different port to pass the modal onboard.
My round/stage is behind the smart contract/other peers?: This is expected behaviour given the different speeds of machines in the network. Once your machine completes it’s current round, it will move to the the current round.
I want to use a bigger and/or different model in the RL swarm, can I do that?: Yes - but we only recommend doing so if you are comfortable understanding what size model can reasonably run on your hardware. If you elect to bring a custom model, just paste the repo/model name into the command line when prompted.
I am running a model in the swarm on my CPU, have received a python RuntimeError, and my training progress seems to have stopped.: There are several possible causes for this, but before trying anything please wait long enough to be sure your training actually is frozen and not just slow (e.g., wait longer than a single training iteration has previously taken on your machine). If you’re sure training is actually frozen, then some things to try are:
- Set this (experimental) fix: export PYTORCH_MPS_HIGH_WATERMARK_RATIO=0.0 && ./run_rl_swarm.sh

llama-cookbook

Wed, 09 Apr 2025 15:29:20 +0800

meta-llama/llama-cookbook

Llama Cookbook: The Official Guide to building with Llama Models

Checkout our latest model tutorial here: Build with Llama 4 Scout

Welcome to the official repository for helping you get started with inference, fine-tuning and end-to-end use-cases of building with the Llama Model family.

This repository covers the most popular community approaches, use-cases and the latest recipes for Llama Text and Vision models.

[!TIP] Popular getting started links:

Build with Llama 4 Scout

Multimodal Inference with Llama 3.2 Vision

Inferencing using Llama Guard (Safety Model)

[!TIP] Popular end to end recipes:

Email Agent

NotebookLlama

Text to SQL

Note: We recently did a refactor of the repo, archive-main is a snapshot branch from before the refactor

Repository Structure:

3P Integrations: Getting Started Recipes and End to End Use-Cases from various Llama providers
End to End Use Cases: As the name suggests, spanning various domains and applications
Getting Started: Reference for inferencing, fine-tuning and RAG examples
src: Contains the src for the original llama-recipes library along with some FAQs for fine-tuning.

FAQ:

Q: What happened to llama-recipes? A: We recently renamed llama-recipes to llama-cookbook.
Q: Prompt Template changes for Multi-Modality? A: Llama 3.2 follows the same prompt template as Llama 3.1, with a new special token <|image|> representing the input image for the multimodal models. More details on the prompt templates for image reasoning, tool-calling, and code interpreter can be found on the documentation website.
Q: I have some questions for Fine-Tuning, is there a section to address these? A: Checkout the Fine-Tuning FAQ here.
Q: Some links are broken/folders are missing: A: We recently did a refactor of the repo, archive-main is a snapshot branch from before the refactor.
Q: Where can we find details about the latest models? A: Official Llama models website.

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

License

See the License file for Meta Llama 3.2 here and Acceptable Use Policy here

See the License file for Meta Llama 3.1 here and Acceptable Use Policy here

See the License file for Meta Llama 3 here and Acceptable Use Policy here

See the License file for Meta Llama 2 here and Acceptable Use Policy here

Models on Producthunt daily

Prompt-Engineering-Guide

dair-ai/Prompt-Engineering-Guide

Prompt Engineering Guide

Sponsored by

Announcements / Updates

Guides

Lecture

Running the guide locally

Appearances

License

cai

aliasrobotics/cai

Cybersecurity AI (CAI)

:bookmark: Table of Contents

🎯 Impact

🏆 Competitions and challenges

📊 Research Impact

📚 Research products: Cybersecurity AI

PoCs

Motivation

:bust_in_silhouette: Why CAI?

Ethical principles behind CAI

Closed-source alternatives

Learn - CAI Fluency

:nut_and_bolt: Install

OS X

Ubuntu 24.04

Ubuntu 20.04

Windows WSL

Android

:nut_and_bolt: Setup .env file

🔹 Custom OpenAI Base URL Support

:triangular_ruler: Architecture:

🔹 Agent

🔹 Tools

🔹 Handoffs

🔹 Patterns

🔹 Turns and Interactions

🔹 Tracing

🔹 Guardrails

🔹 Human-In-The-Loop (HITL)

:rocket: Quickstart

Environment Variables

OpenRouter Integration

Azure OpenAI

MCP

Development

Contributions

Optional Requirements: caiextensions

:information_source: Usage Data Collection

Reproduce CI-Setup locally

FAQ

Citation

Acknowledgements

Academic Collaborations

vllm

vllm-project/vllm

Easy, fast, and cheap LLM serving for everyone

About

Getting Started

Contributing

Sponsors

Citation

Contact Us

Media Kit

open_deep_research

langchain-ai/open_deep_research

Open Deep Research

🚀 Quickstart

Configurations

General Settings

Research Configuration

Models

Example MCP (Model Context Protocol) Servers

Local MCP Servers

Remote MCP Servers

Evaluation

Features:

Usage:

Cybersecurity AI (`CAI`)

📚 Research products: `Cybersecurity AI`

Learn - `CAI` Fluency

:nut_and_bolt: Setup `.env` file

1. Workflow Implementation (`legacy/graph.py`)

2. Multi-Agent Implementation (`legacy/multi_agent.py`)