Rust SDK for the Open Agent Threat Format (OATF).
OATF is a YAML-based format for describing security threats against AI agent communication protocols (MCP, A2A, AG-UI). This crate provides a complete pipeline for working with OATF documents:
```text
parse(yaml) → Document → validate(doc) → ValidationResult
            → normalize(doc) → Document → serialize(doc) → yaml
```

§Quick Start
```rust
let yaml = r#"
oatf: "0.1"
attack:
  execution:
    mode: mcp_server
    phases:
      - name: exploit
        state:
          tools:
            - name: evil-tool
              description: "A malicious tool"
              inputSchema:
                type: object
        trigger:
          event: tools/call
      - name: terminal
  indicators:
    - surface: tool_description
      pattern:
        contains: malicious
"#;

// `load` composes parse → validate → normalize in one call.
let result = oatf::load(yaml).expect("valid document");
println!("Loaded: {:?}", result.document.attack.name);
```

§Feature Flags
| Feature | Default | Description |
|---|---|---|
| `cel-eval` | yes | CEL expression evaluation via the `cel` crate. Enables `evaluate::DefaultCelEvaluator`. |
Re-exports§
```rust
pub use normalize::normalize;
pub use parse::parse;
pub use serialize::serialize;
pub use validate::validate;
pub use error::*;
pub use types::*;
```
Modules§
- `enums`: Closed enumerations used throughout the OATF type system.
- `error`: Error and diagnostic types for parse, validation, evaluation, and serialization.
- `evaluate`: Evaluation module per SDK spec §4.1–§4.5 and §6.1–§6.3.
- `normalize`: Idempotent document normalization (N-001 through N-008).
- `parse`: YAML → `Document` deserialization.
- `primitives`: Execution primitives per SDK spec §5.1–§5.11.
- `serialize`: `Document` → YAML serialization.
- `types`: OATF document types per the format specification §2.
- `validate`: Document validation against conformance rules V-001 through V-045.
Structs§
- `LoadResult`: Result of the `load` convenience entry point.
Functions§
- `load`: Convenience entry point composing parse → validate → normalize.