Secure AI OS · AISVS training & audit kit
By an OWASP AISVS project leader

LAInux

The secure operating system for AI, and the hands-on kit for the OWASP AI Security Verification Standard. Boot it, and you can build, run and verify AI security to the standard. Offline or airgapped.

Two things in one

A secure AI OS, and an AISVS kit

Secure AI OS

Trust enforced by the platform

Run agents on an OS with agent identity, per-action signing and human-in-the-loop built in. The agent does its job; the OS proves what it did.

AISVS kit

Train, attack, verify

The full toolkit to learn and audit AI security against the OWASP AISVS standard, offline or airgapped.

What ships

The kit, in the image

SCANNER

CLAW

AISVS verification scanner. Technical enumeration across LLM, MCP and agents.

AGENT SKILLS

AISVS skills + AI-DAST

Agent skills for every AISVS domain, plus the offensive AI-DAST engine.

PRACTICE TARGETS

DVMCP & DVRAG

Damn Vulnerable MCP and RAG, local and sandboxed. The only broken-by-design parts.

IDENTITY

MCPS & AgentPass

Agent identity, per-message signing and graduated trust on the command line.

EVIDENCE

Inference signing

Sign model input and output so what the model did is provable.

OFFLINE

Guardrailed local LLM

A normal, guardrailed model for offline and airgapped auditing.

No de-guardrailed model ships. Vulnerable behaviour lives only in the clearly labelled DVMCP and DVRAG practice targets.

For auditors

The kit behind the Certified AISVS Auditor course.

LAInux is the toolkit auditors use to verify AI to the standard. Learn it, hands-on, on the course.

Explore the Auditor Course