Problem Statement

Agentic AI systems increasingly read emails, access internal tools, and make autonomous decisions. However, they can be manipulated by trusted content into leaking privileged data or performing unauthorized actions — even when no traditional code vulnerability exists.

Current AI security solutions focus on detection or manual red teaming. There is no lightweight, autonomous system that can attack an AI agent, identify the reasoning flaw, patch it, and verify the fix automatically.

🔹 Solution

AXIOM introduces a closed-loop adversarial testing framework for Gemini-powered agents.

It:

Simulates a realistic attacker using Gemini reasoning

Exploits an indirect prompt injection vulnerability

Analyzes the agent’s decision boundary at a policy level

Generates a minimal defensive system rule

Re-attacks to verify that the fix works

The system measures security improvement using Mean Time to Exploit (MTTE).

🔹 How Gemini Is Used

AXIOM depends on Gemini for:

Multi-step adversarial reasoning (thinking mode)

Long-context attack crafting

Structured reasoning summaries

Controlled decision-boundary analysis

Gemini powers both:

The Victim Agent (OfficeManager)

The Adversarial Agent (AXIOM)

If no API key is available, the system falls back to deterministic mock responses for demo reliability

Built With

Share this project:

Updates