Open Collective

Agent Threat Rules

COLLECTIVE
Open source
agent-security
prompt-injection
Fiscal Host: Open Source Collective

MIT-licensed AI agent threat detection standard. Shipping in production at Microsoft, Cisco, MISP, OWASP. Funded by the community that uses it.

This is Agent Threat Rules's pageAgent Threat Rules
Contribute
Connect
About
Today's Balance
$0.00
Quarterly threat-research rel...
$25,000
per month

Contribute

Become a financial contributor.

Financial Contributions

Recurring contribution
Backer

Solidarity sponsor. The community moves because you back it. Listed monthly in CONTRIBUTORS.md in the ATR repository plus profile featured on the O... Read more

Starts at
$5 USD / month
Recurring contribution
Friend

You use ATR day-to-day. Sponsorship matches that. Discord / Slack supporter badge plus the Backer perks.

$25 USD / month
Recurring contribution
Bronze

Your team relies on ATR in development workflows. Receive a small logo placement in the ATR repository README plus all Friend and Backer perks.

$200 USD / month
Recurring contribution
Silver

Your organisation runs ATR in non-production at meaningful scale. Mid-size logo on panguard.ai/sponsor and a quarterly progress call with the maint... Read more

$1,000 USD / month
Recurring contribution
Gold

Your organisation depends on ATR in production. Prime logo on panguard.ai/sponsor, monthly 1-on-1 call with the maintainer, and direct access to th... Read more

$5,000 USD / month
Custom contribution
Donation
Make a custom one-time or recurring contribution.

Agent Threat Rules is all of us

Our contributors 1

Thank you for supporting Agent Threat Rules.

Connect

Let’s get the ball rolling!

News from Agent Threat Rules

Updates on our activities and progress.

ATR is now accepting financial sponsors — here's exactly what changes when we hit $8K/month

ATR (Agent Threat Rules) is the open detection rule corpus running in production at Microsoft Agent Governance Toolkit, Cisco AI Defense, MISP via CIRCL, and OWASP A-S-R-H Project. 420+ rules, 96.9% recall on 498 real attack samples, MIT li...
Read more
Published on May 23, 2026 by Adamthereal

About

ATR is the open detection rule corpus running inside Microsoft Agent Governance Toolkit, Cisco AI Defense, MISP and OWASP A-S-R-H — 420+ rules, 96.9% recall on 498 real attack samples, maintained by one person in Taiwan.

Who already ships ATR

Microsoft Agent Governance Toolkit — PR #1277 merged, weekly auto-sync workflow.
Cisco AI Defense skill-scanner — PR #99 merged into v2.2.0, auto-sync workflow.
MISP via CIRCL — misp-galaxy PR #1207 and misp-taxonomies PR #323 merged.
OWASP A-S-R-H Project — PR #74 merged, contributor status granted.
NIST OSCAL Path 1 accepted. 23,000+ CLI downloads in the last 30 days. 751 confirmed malware skills found across OpenClaw, ClawHub, Skills.sh and Hermes ecosystems — already disclosed to the four ecosystems above.

What your sponsorship funds

Your monthly contribution funds rule research, the CVE-to-detection pipeline, and the response time when a new AI-agent attack is publicly disclosed. Today this is one maintainer’s nights and weekends. Sponsorship is the mechanism that keeps the cadence your engineering teams have come to depend on.

Three funding milestones

$2,000 / month — Keep the lights on. CI runners, npm and PyPI distribution, domain renewal, single-maintainer minimum stipend.
$8,000 / month — Second maintainer joins. Bus factor goes from one to two. This is the #1 risk every enterprise sponsor calls out.
$25,000 / month — Quarterly threat-research releases. CVE-to-detection pipeline, agentic adversarial corpus, public benchmarks, conference talks.

How we handle your money

Funds flow through Open Source Collective, Inc. — 501(c)(6), EIN 81-1567737 — our US fiscal host. Every expense is public on this page: payouts, receipts, the full ledger. No private channels, no off-ledger spending. Corporate sponsors receive standard nonprofit invoicing suitable for procurement and tax handling.

Strategic Partner — contract-backed engagement

For organizations running ATR in production at scale, Strategic Partner is the contract-backed engagement: named maintainer contact on a dedicated channel, 24-hour SLA on CVE-class updates, co-authored rules attributed to your organization, and sovereign / on-prem / air-gapped deployment terms negotiated per partner. Reference range US $20,000 – US $200,000+ per year, invoiced through Open Source Collective. Scope at panguard.ai/sponsor or email [email protected].

License

ATR is MIT licensed and will remain so in perpetuity. The rules, the conformance engine, the auto-review pipeline, and the rule schema are all open source. Sponsorship sustains maintenance — the standard itself stays free.

Our team

Adamthereal

Admin