RAMPART Tests Your AI Agents in Dev. What Catches Malicious Tool Calls in Production?
Microsoft has open-sourced two tools, RAMPART and Clarity, designed to enhance the security testing of AI agents during development. RAMPART allows developers to run safety and security tests, while Clarity provides insights into agent behavior. The tools aim to address vulnerabilities that static testing cannot cover, particularly in the context of tool calls made by agentic systems.
- ▪RAMPART is a Pytest-native framework for testing agentic systems before production.
- ▪Clarity adds behavioral visibility to how AI agents operate.
- ▪The tools help identify security issues that arise from tool output and indirect prompt injection.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3843392) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Cor E Posted on May 25 RAMPART Tests Your AI Agents in Dev. What Catches Malicious Tool Calls in Production? #security #ai #llm #appsec Microsoft just open-sourced two tools — RAMPART and Clarity — aimed at helping developers security-test AI agents before they ship. It's a genuinely useful contribution. It's also a partial solution to a problem that doesn't stop at the edge of your CI pipeline. Here's the gap, and what to do about it.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).