Integrate

Four paths. One destination.

100 rules, ready to integrate. The same path Cisco took.

TypeScript / Node.js

$ npm install agent-threat-rules
import { createEngine } from 'agent-threat-rules';

const engine = createEngine();
const verdict = engine.evaluate({
  type: 'llm_input',
  content: userMessage,
  timestamp: new Date().toISOString(),
});

if (verdict.outcome === 'deny') {
  // Block the request
}

Python (pyATR)

$ cd python && pip install -e .
from atr import ATREngine

engine = ATREngine()
result = engine.evaluate(event={
    "type": "llm_input",
    "content": user_message,
})

if result.outcome == "deny":
    # Block the request
    raise PermissionError("Request blocked by ATR")

Raw YAML (any language)

$ git submodule add https://github.com/Agent-Threat-Rule/agent-threat-rules.git
# Point your scanner at rules/ directory
# Each .yaml file follows ATR schema v1.0
# Parse with any YAML library
# Schema: spec/atr-schema.yaml

rules/
  prompt-injection/    # 22 rules
  tool-poisoning/      # 11 rules
  agent-manipulation/  # 10 rules
  ...

SIEM Integration

$ atr convert splunk --output splunk-queries.txt
# Convert ATR rules to SIEM query language
atr convert splunk    # Output SPL queries
atr convert elastic   # Output Elasticsearch Query DSL
atr convert sarif     # Output SARIF v2.1.0 for CI/CD
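
A CI gate over a SARIF v2.1.0 log such as the one mentioned above, as an added example rather than code from the ATR project: it resolves each result's effective level (result `level`, then the rule's `defaultConfiguration.level`, then `warning`) and returns the findings that should fail the build. Only standard SARIF fields are used; the sample log, rule ids and file path are constructed, and nothing is assumed about the exact fields ATR emits.

```javascript
const SEVERITY = { none: 0, note: 1, warning: 2, error: 3 };

// Effective level per SARIF 2.1.0: only kind "fail" results carry a severity;
// result.level wins, then the rule's defaultConfiguration.level, then "warning".
function effectiveLevel(result, rules) {
  if ((result.kind ?? 'fail') !== 'fail') return 'none';
  if (result.level) return result.level;
  const rule = Number.isInteger(result.ruleIndex) && result.ruleIndex >= 0
    ? rules[result.ruleIndex]
    : rules.find((r) => r.id === result.ruleId);
  return rule?.defaultConfiguration?.level ?? 'warning';
}

// Returns findings at or above `threshold`; a non-empty list should fail the build.
function gate(sarif, threshold = 'error') {
  if (sarif?.version !== '2.1.0' || !Array.isArray(sarif.runs)) {
    throw new Error('not a SARIF 2.1.0 log'); // fail closed on unexpected input
  }
  if (!(threshold in SEVERITY)) throw new Error(`unknown threshold: ${threshold}`);
  const blocking = [];
  for (const run of sarif.runs) {
    const rules = run.tool?.driver?.rules ?? [];
    for (const result of run.results ?? []) {
      const level = effectiveLevel(result, rules);
      if (!(level in SEVERITY)) throw new Error(`unknown level: ${level}`);
      if (SEVERITY[level] >= SEVERITY[threshold]) {
        const loc = result.locations?.[0]?.physicalLocation;
        blocking.push({
          ruleId: result.ruleId ?? rules[result.ruleIndex]?.id ?? '(no rule id)',
          level,
          uri: loc?.artifactLocation?.uri ?? '(no location)',
          line: loc?.region?.startLine ?? null,
        });
      }
    }
  }
  return blocking;
}

// Constructed sample log; rule ids and paths are placeholders, not real ATR output.
const SAMPLE = { version: '2.1.0', runs: [{ tool: { driver: { name: 'example-scanner', rules: [
      { id: 'EXAMPLE-0001', defaultConfiguration: { level: 'error' } },
      { id: 'EXAMPLE-0002' }] } },
  results: [
    { ruleId: 'EXAMPLE-0001', ruleIndex: 0, message: { text: 'constructed' },
      locations: [{ physicalLocation: { artifactLocation: { uri: 'examples/demo.md' }, region: { startLine: 12 } } }] },
    { ruleId: 'EXAMPLE-0002', message: { text: 'constructed' } },
    { ruleId: 'EXAMPLE-0001', kind: 'pass', message: { text: 'constructed' } }] }] };
console.log(gate(SAMPLE));
```

In a pipeline, pass the parsed SARIF file to `gate` and exit non-zero when the returned list is non-empty.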

Schema Stability Guarantee

If you depend on ATR as upstream, you need to know the format won't break. Here's our commitment:

ATR Schema v1.0 (current)

Published and stable. All new fields are optional additions. No existing field will be removed or renamed without a major version bump.

Backward Compatibility

Breaking changes only happen on major version transitions (v1 → v2). We provide migration guides and a minimum 6-month overlap period where both versions are supported.

Update Frequency

New rules are added continuously (avg 2-5 per week during active periods). Every rule passes CI validation + precision test before merge. Subscribe to GitHub Releases for changelogs.

Sync Methods
git submodule — pin to tag, update on your schedule
npm install — semver, lockfile controls version
GitHub Action — CI scans with latest rules automatically

Why use ATR instead of writing your own?

| | ATR | Internal Rules |
|---|---|---|
| Coverage | 100 rules, 13 CVEs mapped, OWASP 10/10 | You start from zero |
| New attack response | < 1 hour via Threat Cloud crystallization | Depends on your team's bandwidth |
| Evasion testing | 64 documented evasion techniques, tested on every PR | You probably won't test this |
| OWASP / MITRE mapping | Pre-built. 10/10 Agentic + MITRE ATLAS per rule | Hours of manual mapping work |
| Maintenance | Community-maintained. MIT. Zero cost. | Full-time security engineer workload |
| Ecosystem | Cisco, OWASP, OpenSSF already consuming | Isolated. No shared intelligence. |

Licensing and Legal

MIT License

Use commercially, modify, distribute, sublicense. No restrictions.

No CLA

No Contributor License Agreement. Contributions are MIT-licensed and belong to the community.

Vendor Neutral

ATR is not owned by any company. It is a community-governed open standard.

Case study: How Cisco did it

34 ATR rules merged
1,272 lines added to Cisco AI Defense
3 days from PR submission to merge

Cisco's DefenseClaw team integrated ATR rules as an upstream dependency. Their engineer submitted PR #79, we reviewed it, and it merged in 3 days. They then built a --rule-packs CLI feature (PR #80) specifically to consume ATR as a first-class rule source.