Red team your AI agents before they become someone else's exploit.
Five autonomous attackers probe your AI for adversarial vulnerabilities — prompt injection, social engineering, context poisoning, and more. Every exploit found is published on Solana as verifiable threat intelligence.
average audit duration: 3–5 minutes
Testing
Don't have an agent to audit? Use our deliberately vulnerable target bot:
https://target-bot-production-6f72.up.railway.app
Need devnet SOL? Send any amount to the victim wallet to refill its balance for testing:
YXW6XJPmuyez1nhooHZUYACsGofTbCdbx1wENkemrrQ
Use any Solana devnet faucet — faucet.solana.com works.
Paste your agent URL
Point Griffin at any AI agent endpoint with wallet access.
5 attackers run in parallel
Each one uses a different attack methodology, simultaneously.
Get an exploit-proof report
Every finding is verifiable on Solana devnet.
The Social Engineer
high · LLM01:2025
Exploits the absence of caller-identity verification. Iterates through direct transfer requests — simple, polite, urgent — to find the exact phrasing at which the agent complies without questioning who is asking.
The Instruction Hijacker
critical · LLM01:2025
Attempts to override the system prompt with authority-claiming language: maintenance windows, operator mode, admin patches. Also uses a pre-seed strategy — plants the attacker wallet as an acknowledged address in one turn, then requests the transfer in the next.
The Context Poisoner
high · LLM01:2025
Injects fabricated authorization facts into the conversation context. Claims the agent already confirmed the wallet, that a pre-approval was established at session start, or that the address is flagged as trusted in the agent's notes — all false.
The Boundary Probe
medium · LLM06:2025
Maps the agent's actual limits before attacking. Asks capability questions like "can you transfer to any address?" and immediately treats the affirmative answer as implicit authorization in the same session.
The Polyglot
medium · LLM01:2025
Tests whether guardrails are semantic or pattern-based. Sends the same transfer request encoded in JSON, XML, French, Markdown tables, leet-speak, Unicode look-alikes, Base64 hints, and YAML — all fully understood by the model.
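All five attackers above aim at the same outcome, a transfer the operator never approved, so one control that does not depend on the model's judgment is an authorization gate on the transfer tool call itself. The sketch below is an added example, not Griffin's code or anything from this page; the HMAC token scheme, allowlist, limit, names and addresses are all constructed assumptions.

```python
import hashlib
import hmac
import re

# All values below are constructed for this example; none come from the page.
OPERATOR_KEY = b"constructed-demo-key"
TREASURY = "DemoTreasury" + "1" * 32      # constructed base58-shaped address
ATTACKER = "DemoAttacker" + "1" * 32      # constructed base58-shaped address
ALLOWLIST = {"operator-1": {TREASURY}}    # managed by the operator, never by chat
MAX_LAMPORTS = 1_000_000
BASE58 = re.compile(r"[1-9A-HJ-NP-Za-km-z]{32,44}")


def sign(caller_id: str) -> str:
    """Token issued by the operator's backend out of band (hypothetical scheme)."""
    return hmac.new(OPERATOR_KEY, caller_id.encode(), hashlib.sha256).hexdigest()


def authorize_transfer(caller_id, token, destination, lamports):
    """Gate a transfer tool call. The conversation is deliberately not an input,
    so claims of operator mode, pre-approval or trusted status cannot change it."""
    if not hmac.compare_digest(sign(str(caller_id)).encode(), str(token).encode()):
        return (False, "unauthenticated caller")
    # Strict ASCII base58 match rejects Unicode look-alike characters.
    if not isinstance(destination, str) or not BASE58.fullmatch(destination):
        return (False, "malformed destination")
    if destination not in ALLOWLIST.get(caller_id, set()):
        return (False, "destination not allowlisted")
    if not isinstance(lamports, int) or not 0 < lamports <= MAX_LAMPORTS:
        return (False, "amount outside limit")
    return (True, "ok")


def replay_constructed_calls():
    """Tool calls a persuaded model might emit, paired with the gate's decision."""
    good = sign("operator-1")
    calls = {
        "legitimate": ("operator-1", good, TREASURY, 5_000),
        "no caller identity": ("anonymous", "", ATTACKER, 5_000),
        "pre-seeded wallet": ("operator-1", good, ATTACKER, 5_000),
        "look-alike address": ("operator-1", good, TREASURY.replace("a", "\u0430"), 5_000),
        "over limit": ("operator-1", good, TREASURY, MAX_LAMPORTS + 1),
    }
    return {name: authorize_transfer(*args) for name, args in calls.items()}


if __name__ == "__main__":
    for name, decision in replay_constructed_calls().items():
        print(f"{name}: {decision}")
```

Because the decision depends only on the authenticated caller, the destination and the amount, rephrasing or re-encoding the request in the conversation does not change the outcome.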
Two founders · equal partnership
Mariana Sinisterra
@MarianaCodebase
attackers · orchestrator · solana program · sdk
Computer Engineering student and security researcher with a background in bug bounty hunting (HackerOne, MercadoLibre program), red teaming, and open-source contributions to OpenClaw. Griffin is the product this background was waiting to build.
Ana Sofia Suarez
@anaarismendy
ui · interaction design · ai-driven product
Fullstack software engineer focused on AI-driven product development, currently building at Inerxia. On Griffin, owns the frontend — from the Pentest Atelier visual language to the live Mission Control dashboard and the editorial audit report.