Skip to content

sunilgentyala/OmniRed

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.claude-plugin
.claude-plugin
 
 
chatgpt
chatgpt
 
 
copilot
copilot
 
 
docs
docs
 
 
gemini
gemini
 
 
scripts
scripts
 
 
shared
shared
 
 
skills
skills
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 

Repository files navigation

OmniRed

Multi-AI Offensive Security Skills Library

The first offensive security skills library built for all four major AI platforms: Claude, ChatGPT, Gemini, and Microsoft Copilot.

Author: Sunil Gentyala, Independent Researcher License: Apache-2.0

Skills Platforms OWASP LLM Top 10 MITRE ATLAS

Why OmniRed

Every existing offensive security skills library targets a single AI. Security operators use multiple AI platforms depending on context, client environment, and task type. OmniRed gives you the same expert methodology regardless of which AI you are using.

Beyond platform breadth, OmniRed introduces three categories that no other library covers:

Category What it covers Why it matters
ai-native/ Prompt injection, jailbreaking, model extraction, system prompt leak Direct attacks against AI systems as targets
mcp/ Tool poisoning, rug pull, context injection, server impersonation Attacks on Model Context Protocol agent pipelines
llm-pipeline/ RAG poisoning, embedding attacks, retrieval manipulation Attacks on the data layer feeding LLMs

These categories were developed alongside published research in MCP security (ContextGuard, ICCBI 2026) and the ARGUS agentic red-team scanner.

Platforms

Platform Format Install
Claude (Claude Code) SKILL.md plugin See below
ChatGPT Custom GPT instructions chatgpt/PLATFORM.md
Gemini Gem instructions gemini/PLATFORM.md
Microsoft Copilot Declarative agent instructions copilot/PLATFORM.md

Skill Categories

skills/
├── ai-native/              NEW - AI/LLM systems as targets
│   ├── prompt-injection/       Direct + indirect + cross-context injection
│   ├── jailbreaking/           Constitutional AI bypass, roleplay, persona attacks
│   ├── model-extraction/       Query-based model stealing
│   └── system-prompt-extraction/  Leaked system prompt recovery
│
├── mcp/                    NEW - Model Context Protocol attacks
│   ├── tool-poisoning/         Hidden instructions in tool descriptions
│   ├── rug-pull/               Capability changes post-attestation
│   └── context-injection/      Cross-server context manipulation
│
├── llm-pipeline/           NEW - Data-layer attacks on LLM systems
│   ├── rag-poisoning/          Document + index poisoning
│   └── embedding-attacks/      Adversarial embedding manipulation
│
├── web/                    Web application attacks (9 skills)
├── auth/                   Authentication attacks (3 skills)
├── active-directory/       AD attacks (3 skills)
├── cloud/                  Cloud attacks (3 skills)
├── infrastructure/         EDR evasion, initial access (2 skills)
├── recon/                  OSINT, subdomain enumeration (2 skills)
├── supply-chain/           Model weight tampering (1 skill)
└── utility/                Report writing, CVSS4 scoring (2 skills)

Total: 85 skills across 11 categories, 4 AI platforms

Claude Install

Option A — Plugin (recommended)

# From any directory
claude mcp install https://github.com/sunilgentyala/OmniRed

Option B — Manual

# PowerShell
.\scripts\install-claude.ps1

Option C — Sparse checkout (one category)

git clone --filter=blob:none --sparse https://github.com/sunilgentyala/OmniRed
cd OmniRed
git sparse-checkout set skills/ai-native skills/mcp

Quick Start (Claude)

Once installed, trigger any skill by describing your task:

"I need to test this RAG pipeline for poisoning vulnerabilities"
→ loads skills/llm-pipeline/rag-poisoning

"Check this MCP server's tool descriptions for injection"
→ loads skills/mcp/tool-poisoning

"Test this app for SQL injection"
→ loads skills/web/sqli

ARGUS Integration

OmniRed skills map directly to ARGUS scan profiles. Use ARGUS to automate payload generation across the same attack surfaces covered here.

# Run ARGUS covering the same attack surfaces as OmniRed ai-native skills
argus scan --target anthropic --model claude-sonnet-4-6 --profile full

See ARGUS for automated LLM red-teaming.

Compliance Mapping

Every skill is tagged with:

Scope

OmniRed is designed for:

  • Authorized penetration testing engagements
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Red team operator training

See SECURITY.md for full responsible use policy.

Related Projects

Project What it is
ARGUS Agentic LLM red-team scanner (automated scanning)
ContextGuard MCP zero-trust middleware (defense)
mcp-trust-anchor MCP context poisoning defense
model-provenance-guard Model supply chain security

Star History

Star History Chart

Citation

@misc{gentyala2026omni,
  title  = {OmniRed: Multi-AI Offensive Security Skills Library},
  author = {Gentyala, Sunil},
  year   = {2026},
  url    = {https://github.com/sunilgentyala/OmniRed}
}

About

OmniRed: Multi-AI offensive security skills library for Claude, ChatGPT, Gemini & Microsoft Copilot — with unique MCP, LLM-pipeline, and AI-native attack categories. By Sunil Gentyala, Independent Researcher.

sunilgentyala.github.io/OmniRed/

Topics

gemini penetration-testing bug-bounty offensive-security red-team ai-security mitre-atlas chatgpt prompt-injection llm-security microsoft-copilot mcp-security claude-skills rag-poisoning owasp-llm-top10

Resources

Readme

License

View license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages