AI Security Arsenal tackles a key challenge in AI-powered security testing: how to efficiently orchestrate multiple specialized testing capabilities without overwhelming AI model context windows. Instead of bundling complex workflows into monolithic prompts, it uses a modular, lazy-loading architecture designed for AI coding agents like Claude Code and OpenCode.
What AI Security Arsenal does and how it’s architected
This repository is a structured collection of 12 distinct security testing “skills,” each packaged as a thin router file named SKILL.md. Each skill is a compact decision tree, roughly 150-250 lines long, which delegates detailed workflows, payloads, methodologies, and schemas to sibling files only when needed. This design is intentional to optimize limited LLM context windows by avoiding loading large monolithic prompts that would leave little room for target code or tool output.
The skills cover a broad range of domains relevant to modern security testing:
- Mobile penetration testing for Android and iOS using tools like Frida and objection.
- Web application security including dynamic application security testing (DAST) and API security testing.
- Cloud security auditing across AWS, GCP, and Azure with CLI tools and ScoutSuite.
- Infrastructure as Code (IaC) security using Checkov, tfsec, and Terrascan.
- Container security leveraging Trivy, Kubescape, and kubectl.
- Network penetration testing using Nmap, BloodHound, Impacket, and CrackMapExec.
- Code analysis, including static application security testing (SAST) with Semgrep, Bandit, CodeQL, and software composition analysis (SCA) with Syft and Grype.
- AI/ML-specific security concerns like prompt injection and agent misuse.
- Threat modeling assisted by tools like Draw.io or Threat Dragon.
Each skill defines findings using JSON schemas, enabling automated validation and integration with security reporting tools like SARIF converters, Jira, or DefectDojo. Newer workflows include SARIF triage with exploitability ranking, SBOM diffing for container images, STRIDE generation from OpenAPI specs, and iterative OPA/Rego policy authoring loops.
The thin router design: balancing context window limits and modularity
What sets AI Security Arsenal apart is its modular “thin router” architecture. Instead of a massive prompt containing all workflows and payloads, each skill’s SKILL.md file acts as a decision tree with lazy-loaded sibling content. This means the AI agent loads just the necessary context for the current sub-task, keeping prompt size manageable.
This approach addresses a real bottleneck in AI-driven security testing: large context windows get saturated quickly, especially when dealing with complex multi-step workflows and tool outputs. By breaking the skill into a thin router and multiple smaller files (workflows, payloads, methodology, schemas), the arsenal maximizes the effective use of the limited token budget.
The codebase reflects this design with consistent architecture across skills, making it easier to extend or modify individual parts without affecting the whole. The JSON schema validation for findings ensures structured output that can be consumed by downstream tools, improving automation reliability.
Of course, this design brings tradeoffs. The reliance on external tools (e.g., Frida, Playwright, Burp Suite, Cloud CLIs) means the arsenal acts as an orchestrator rather than a standalone scanner. Users need these dependencies configured properly. Also, the lazy-loading means some overhead in switching contexts, which can affect throughput in large-scale scans.
The code itself is Python-based and organized cleanly, with clear separation between skill routing logic and payload/workflow definitions. This separation aids maintainability and aligns well with the AI agent’s operational model.
Quick start: prerequisites for each security domain
The README provides a clear matrix of requirements per skill category. Here’s the exact setup you need for each domain:
## Requirements
| Category | Skill | Key Requirements |
|----------|-------|------------------|
| Mobile | android-pentest | ADB, Frida, objection, rooted device, Mobile MCP (optional) |
| Mobile | ios-pentest | Frida, objection, jailbroken device, iproxy, Mobile MCP (optional) |
| Web | dast-automation | Playwright MCP, Nuclei, Python 3.8+ |
| Web | api-security | Burp Suite, Postman, jwt_tool |
| Cloud | cloud-security | Cloud CLI tools (aws, gcloud, az), ScoutSuite |
| Cloud | iac-security | Checkov, tfsec, Terrascan |
| Cloud | container-security | Trivy, Kubescape, kubectl |
| Network | network-pentest | Nmap, BloodHound, Impacket, CrackMapExec |
| Code | sast-orchestration | Semgrep, Bandit, CodeQL CLI |
| Code | sca-security | Syft, Grype, language package managers |
| AI/ML | llm-security | Python 3.8+, target LLM API access |
| Process | threat-modeling | Draw.io or Threat Dragon (optional) |
These requirements reflect the arsenal’s role as an orchestrator integrating best-of-breed tools rather than reimplementing scanning capabilities. This means setting up the arsenal involves preparing your environment with the relevant tooling for your target domain.
Verdict: who benefits from AI Security Arsenal?
AI Security Arsenal is a thoughtfully engineered collection of AI agent skills tailored for security professionals who want to harness AI coding agents for complex, multi-domain security testing. Its modular, lazy-loading architecture is a practical response to the token limits of current LLMs, making it a relevant tool for environments where AI agents automate or assist penetration testing and auditing workflows.
That said, it’s not a turnkey scanner. It demands familiarity with the underlying security tools and a willingness to manage the environment and dependencies. The JSON schema-based findings format and integrations with SARIF and DefectDojo are strong pluses for teams aiming to automate report ingestion and triage.
If you’re running AI-driven security testing with Claude Code or OpenCode agents and want a scalable, maintainable skillset architecture, AI Security Arsenal is worth examining. For those seeking a standalone, out-of-the-box scanner, it’s not the right fit.
Overall, the codebase is clean and consistent, with a clear design philosophy that’s worth understanding even if you don’t adopt it wholesale. It solves a real problem in AI-powered security automation: balancing detail and modularity against limited AI context windows.
→ GitHub Repo: hardw00t/ai-security-arsenal ⭐ 74 · Python