Skip to main content

Crate oatf

Crate oatf 

Source
Expand description

Rust SDK for the Open Agent Threat Format (OATF).

OATF is a YAML-based format for describing security threats against AI agent communication protocols (MCP, A2A, AG-UI). This crate provides a complete pipeline for working with OATF documents:

parse(yaml) → Document → validate(doc) → ValidationResult
                       → normalize(doc) → Document → serialize(doc) → yaml

§Quick Start

let yaml = r#"
oatf: "0.1"
attack:
  execution:
    mode: mcp_server
    phases:
      - name: exploit
        state:
          tools:
            - name: evil-tool
              description: "A malicious tool"
              inputSchema:
                type: object
        trigger:
          event: tools/call
      - name: terminal
  indicators:
    - surface: tools/list
      target: "tools[*].description"
      pattern:
        contains: malicious
"#;

let result = oatf::load(yaml).expect("valid document");
println!("Loaded: {:?}", result.document.attack.name);

§Feature Flags

FeatureDefaultDescription
cel-validateyesCEL expression syntax validation (V-014) via the cel crate parser.
cel-evalyesDefault CEL expression evaluation via the cel crate. Enables evaluate::DefaultCelEvaluator.

Re-exports§

pub use normalize::normalize;
pub use parse::parse;
pub use serialize::serialize;
pub use validate::validate;
pub use error::*;
pub use types::*;

Modules§

enums
Closed enumerations used throughout the OATF type system.
error
Error and diagnostic types for parse, validation, evaluation, and serialization.
evaluate
Evaluation module per SDK spec §4.1–§4.5 and §6.1–§6.3.
event_registry
normalize
Idempotent document normalization (N-001 through N-008).
parse
YAML → Document deserialization.
primitives
Execution primitives per SDK spec §5.1–§5.11.
serialize
Document → YAML serialization.
types
OATF document types per the format specification §2.
validate
Document validation against conformance rules V-001 through V-050.

Structs§

LoadResult
Result of the load convenience entry point.

Functions§

known_modes
Returns the set of known mode strings for v0.1.
known_protocols
Returns the set of known protocol identifiers for v0.1.
load
Convenience entry point composing parse → validate → normalize.