{"id":94188,"title":"Superagent — Defender of AI agents 🥷","tagline":"Superagent protects AI agents from attacks and data leaks","body":"Hi YC 👋 We’re Alan and Ismail, founders of **Superagent (YC W24)**.\n\nWe’re building open-source **defense for AI agents**. Our product protects agents from prompt injections, malicious tool calls, and customer data leaks — in production, in CI/CD, and wherever they run.\n\n# The Problem\n\nAI agents introduce new attack surfaces that traditional security practices don’t cover:\n\n* **At runtime**: users can inject adversarial prompts that hijack an agent or force it to run harmful commands.\n* **At the model** layer: unsafe or poisoned outputs can embed backdoors into your stack.\n* **In CI/CD**: AI-generated code can contain harmful logic that slips through review and ships to production.\n\nWithout protection, agents can leak customer data or trigger destructive actions that impact your product and your users.\n\n# How Superagent Works\n\nAt the core is **SuperagentLM**, our small language model trained specifically for agentic security. Unlike static rules or regex filters, it reasons about inputs and outputs to catch subtle and novel attacks.\n\nSuperagent integrates at three key points:\n\n1. **Inference providers** — filter requests and responses at the API layer\n2. **Agent frameworks** — run runtime checks on every input, output, and tool call\n3. **CI/CD pipelines** — fail risky builds before unsafe code ships\n\nHere’s a quick example of how to use it with Exa (YC S21):\n\n![uploaded image](/media/?type=post\u0026id=94188\u0026key=user_uploads/1367556/35562a1a-829f-4fc0-bcc2-03952e3f58f6)\n\nEvery request is inspected in real time. Unsafe ones are blocked. Safe ones go through — with reasoning logs you can audit later.\n\n# Why We’re Building This\n\nWe’ve been working closely with builders of AI agents for the last couple of years, building tools for them. What we noticed is that many teams are basically trying to system-prompt their way to security. Vibe security (VibeSec) obviously doesn’t work.\n\nSome of the most popular agentic apps today are surprisingly unsafe in this way. So we decided to see if we could fix it. That’s the motivation behind Superagent: giving teams a real way to ship fast **and** ship safe.\n\n# Get Involved\n\n📖 [Read the docs](https://docs.superagent.sh/)\n\n📅 [Book a call](https://www.superagent.sh/)\n\nWe’d love your feedback: what’s your biggest concern about running agents in production? Book a call or drop a comment!\n\nAlan \u0026 Ismail 🥷🥷\\\n[Superagent](https://www.superagent.sh/) (YC W24)\n\n![uploaded image](/media/?type=post\u0026id=94188\u0026key=user_uploads/1367556/22c8addf-151e-4bf5-ade5-18f253df2bc4)\n\n","slug":"OVA-superagent-defender-of-ai-agents","created_at":"2025-09-29T14:01:06.539Z","updated_at":"2026-05-25T04:35:26.863Z","total_vote_count":14,"url":"https://www.ycombinator.com/launches/OVA-superagent-defender-of-ai-agents","share_image_url":"https://www.ycombinator.com/media/?type=post\u0026id=94188\u0026key=user_uploads/1367556/22c8addf-151e-4bf5-ade5-18f253df2bc4","company":{"id":29374,"name":"Superagent","slug":"superagent","url":"https://superagent.sh/","logo":"https://bookface-images.s3.amazonaws.com/small_logos/a5fb7dd012389ddf81869040550578bb786988ed.png","batch":"Winter 2024","industry":"B2B","tags":["Artificial Intelligence","Security","Open Source","AI"],"search_path":"https://bookface.ycombinator.com/company/29374"}}