# RelayShield Agentic Attack Surface: smolagents tools + MITRE ATT&CK dataset for agent security

> Source: <https://discuss.huggingface.co/t/relayshield-agentic-attack-surface-smolagents-tools-mitre-att-ck-dataset-for-agent-security/177941#post_1>
> Published: 2026-07-17 20:14:43+00:00

We built four `smolagents.Tool`

classes that let an agent check its own attack surface before acting: is the MCP server it’s about to connect to known-malicious, does incoming content match known prompt-injection patterns, does its own tech stack (including agent frameworks — LangChain, CrewAI, AutoGPT, etc.) carry a known CVE, and bulk identity-risk scoring for domains/emails.

`https://huggingface.co/blog/relayshieldadmin/smolagents-agent-security-tools`

This sits on top of a live threat-intel pipeline (3M+ IOCs, 4,500+ tracked malware families, 40+ monitored criminal marketplaces, 20+ authoritative feeds) rather than a static demo.

Feedback welcome, especially on which of the other ~20 endpoints (identity-risk, wallet/token/NFT security, supply-chain, etc.) would be worth wrapping as tools next.

— RelayShield
