Cybersecurity AI (CAI) is an open-source Python framework designed to enable security professionals to build and deploy AI-powered agents for offensive and defensive security automation. The framework serves researchers, ethical hackers, IT professionals, and organizations seeking to enhance their security posture through specialized AI agents capable of assisting with vulnerability discovery, exploitation, mitigation, and security assessment. CAI is positioned as the de facto framework for AI Security, with thousands of individual users and hundreds of organizations already leveraging it in production environments.
The framework supports over 300 AI models, including integrations with OpenAI, Anthropic, DeepSeek, and Ollama, providing flexibility in model selection and deployment. A key feature is the ability to run CAI without requiring an Alias API key by setting the environment variable CAI_LICENSE_OFF, which bypasses the license check and allows users to operate in open-source mode using any supported model provider. The framework includes built-in security tools ready for reconnaissance, exploitation, and privilege escalation tasks, along with guardrails protection against prompt injection and dangerous command execution. Its modular, agent-based architecture enables the creation of specialized agents tailored to different security tasks.
CAI has demonstrated real-world impact across multiple security domains. Case studies document its application in robotics security, discovering vulnerabilities in Unitree G1 humanoid robots including unauthorized telemetry transmission and exposed cryptographic keys. In operational technology environments, CAI powered by the alias1 model achieved a top-10 ranking in the Dragos OT CTF 2025, completing 32 of 34 challenges with a 37 percent velocity advantage over top human teams. The framework has been instrumental in bug bounty programs, with HackerOne's engineers using CAI to explore agentic AI architectures, and its Retester agent directly inspiring HackerOne's production AI-powered deduplication system. Additional case studies demonstrate CAI's effectiveness in discovering critical vulnerabilities in Ecoforest heat pumps, Mobile Industrial Robots platforms, Mercado Libre's e-commerce infrastructure, MQTT brokers, and web applications including race condition exploitation.
Repository activity data shows active development and community engagement. The three most active contributors tracked are vmayoral with 255 events, luijait with 165 events, and SoyGema with 124 events. Across 257 tracked issues and pull requests, the median response latency is one hour with a mean of 172.7 hours, indicating responsive maintenance. The most frequently applied issue labels are enhancement with 41 instances, bug with 27 instances, and configuration with 16 instances, reflecting ongoing feature development and refinement. The repository maintains connections with other security and infrastructure projects including projectdiscovery/nuclei-templates, fortawesome/font-awesome, and containers/podman through overlapping contributors.
CAI offers both a free community edition for research and learning and a professional edition priced at 350 euros monthly, featuring the proprietary alias1 model with unlimited tokens and zero refusals. The framework is actively maintained with a technical report available on arXiv documenting its design and capabilities. The project emphasizes that it is in active development and welcomes community contributions through issues and pull requests.