ROGUE

about

Built to make LLM deployments secure by default.

ROGUE measures every place a high-stakes AI agent can go wrong, whether the model can be broken, whether the human oversight is meaningful, and whether the accumulated knowledge is safe, against an independent, continuously-refreshed standard, with a reproducible signed record. One engine, one buyer.

the story

From hackathon to live platform.

ROGUE was built solo by Soren Nguia in roughly six days during the Bright Data × lablab.ai “Web Data UNLOCKED” hackathon in May 2026, an autonomous open-web LLM red-team agent.

Since the hackathon it has been extended into a hosted, multi-tenant platform, SDK, REST API, dashboard, and an MCP server, that is permanently live in production.

Grand Prize · Yonsei University CS Exhibition, 2024

Awarded to the founder for GPTFuzz optimization, an LLM-security fuzzer. ROGUE is his next LLM-security project, built and run live solo from Seoul, South Korea.

why this exists

A solo research build, in the open.

ROGUE is a solo research-and-engineering project, not a funded company. It began as a six-day hackathon build and kept getting extended, into a hosted platform, an MCP server, a benchmark layer, a self-recalibrating judge, to see how far one engineer can take a continuous open-web red-team, end to end and in production. It’s in early access: a real, running system with real measurements, and no paying customers yet. Every figure on this site traces to something measured; where the evidence is thin, it says so.

mission

To make high-stakes AI deployments safe by default, independent, continuous measurement of every way an agent goes wrong, with a signed record enterprises can trust.

how it works

One engine, three surfaces.

Surface one, the model. ROGUE harvests, reproduces, and judges LLM jailbreaks and prompt-injection from the open web, 15 open-web sources, scraper-agnostic and keyless by default, then surfaces the vulnerabilities and exactly how to fix them before attackers exploit them. This surface is mature and scannable today.

The same engine measures the two surfaces around the model. The human gate, whether a reviewer’s sign-off is meaningful, measured as a false-approve rate against an answer key provably independent of what it grades (live, currently a single-reviewer reading). And the agent’s memory, whether a shared skill pool leaks its secrets under an extraction red-team (research-validated against a weak open model). Each result ships as a reproducible, signed record.

ROGUE measures and verifies the fix; you own the runtime. We prove where an agent breaks and confirm the repair holds, without taking control of your deployment.

by the numbers

Verified, defensible figures.

459
attack primitives
298 open-web–harvested · 15 families · 15 sources
89.3%
judge–human agreement
JailbreakBench, v3 recalibrated
−41%
cost per successful breach
adaptive ladder vs fixed order
$0
default harvest cost
scraper-agnostic, keyless by default

contact

Get in touch.

email

Questions, partnerships, or anything else, reach the founder directly at nguiasoren@gmail.com.

Try the demo

ready when you are

Point ROGUE at your endpoint.

See what a continuous open-web red-team finds in your deployment, on a real report.