# OWASP Agentic AI CTF - FinBot DEMO

Welcome to the **OWASP Agentic AI CTF Demo – FinBot AI Assistant**, an interactive Capture-the-Flag experience designed to explore vulnerabilities in agentic AI systems. This environment is intended for educational use only.

## Live Instance

👉 **Launch the Live FinBot CTF: [owasp-finbot-ctf.org](http://owasp-finbot-ctf.org/)**

Redirected to: https://owasp-finbot-ctf-demo.onrender.com
<br></br>


## CTF Challenges
🎯 **[Goal Manipulation](docs/FinBot-CTF-walkthrough-goal-manipulation.md)**
<br></br>

## Participation Policy

Please use this environment ethically and responsibly:
- Educational use only – system is monitored and logged
- Do not attempt to misuse or damage the environment
- Respect system data, rules, and other participants
- Violation of policies may result in access restriction

By using the system, you acknowledge and agree to these terms.
<br></br>

## About the Project

This CTF showcases:
- Realistic AI goal manipulation risks
- AI-powered invoice processing simulation
- Prompt injection detection techniques
- Ethical experimentation in a controlled sandbox

Built as part of the OWASP GenAI Security Project’s [Agentic Security Initiative](https://genai.owasp.org/initiatives/#agenticinitiative).

**Creators:** [**Helen Oakley**](https://www.linkedin.com/in/helen-oakley/) and [**Allie Howe**](https://www.linkedin.com/in/allisonhowe/)
<br></br>


## How To Contribute

- Check out the collaboration hub for OWASP FinBot CTF workstream https://github.com/OWASP-ASI/FinBot-CTF-workstream 
<br></br>

## License

Licensed under the Apache License, Version 2.0 (the "License").

https://www.apache.org/licenses/LICENSE-2.0.html

Copyright 2025 OWASP GenAI Security Project and contributors.