Standards Coverage

ATR maps to every major AI security framework.

Go from "understand the threat" to "detect it" without building rules from scratch.

OWASP Agentic

10/10

SAFE-MCP

78/85 (91.8%)

OWASP AST10

7/10

PINT F1

0

OWASP Agentic Top 10

10/10 categories covered.

ID

Category

Rules

Status

ASI01

Agent Goal Hijack

13

STRONG

ASI02

Tool Misuse & Exploitation

11

STRONG

ASI03

Identity & Privilege Abuse

9

STRONG

ASI04

Agentic Supply Chain Vulnerabilities

8

STRONG

ASI05

Unexpected Code Execution / RCE

8

STRONG

ASI06

Memory & Context Poisoning

8

STRONG

ASI07

Insecure Inter-Agent Communication

5

MODERATE

ASI08

Cascading Failures

4

MODERATE

ASI09

Human-Agent Trust Exploitation

5

MODERATE

ASI10

Rogue Agents

7

MODERATE

OWASP Agentic Skills Top 10 (AST10)

8/10 categories with rule coverage. 3 categories are process/meta-level (not pattern-detectable).

ID

Category

Rules

Status

AST01

Malicious Skills

7

STRONG

AST02

Supply Chain Compromise

8

STRONG

AST03

Over-Privileged Skills

4

MODERATE

AST04

Insecure Metadata

3

MODERATE

AST05

Unsafe Deserialization

3

MODERATE

AST06

Weak Isolation

3

PARTIAL

AST07

Update Drift

2

PARTIAL

AST08

Poor Scanning

0

GAP (meta-concern)

AST09

No Governance

0

GAP (process-level)

AST10

Cross-Platform Reuse

1

PARTIAL

SAFE-MCP (OpenSSF)

78 of 85 techniques covered (91.8%).

View full SAFE-MCP mapping on GitHub →

MITRE ATLAS

Per-rule MITRE ATLAS references in each rule YAML. Grouped by tactic in the rule explorer.

Browse rules with MITRE mappings →