A pentest you can run before lunch.

npx brektra-cli scan http://localhost:3000 probes common chat endpoints with safe-mode prompt injection variants and reports what came back. No login, no account, no telemetry. Just signal.

Once you sign in (brektra login), the same CLI runs full cloud scans against verified domains and prints a replay link.

Every payload Brektra ships in Safe Mode is non-destructive. Prompt-injection probes only attempt to leak the system prompt, not to mutate state. RAG poisoning probes index attacker-controlled content but do not touch your knowledge base. Aggressive Mode is opt-in per target with an explicit flag.

The MCP exploitation category is first-class. Path traversal against filesystem servers, env-var leaks via debug tools, tool shadowing across multiple servers, schema poisoning. If you ship an agent with an MCP server attached, this is the attack surface that exists today and is barely tested elsewhere.

You probably already have a private list of payloads that exposed something on a previous project. Drop them into BYOE. The orchestrator runs them on every relevant scan in addition to its own attack library. Versioned, with safe-mode variants for anything destructive.