Professional certifications, CTF competitions, and training resources for AI security practitioners
Provides professional certifications, CTF competitions, and structured training resources for AI security career development. Use when users ask about career paths, certifications, or learning resources for AI security roles.
/plugin marketplace add pluginagentmarketplace/custom-plugin-ai-red-teaming/plugin install pluginagentmarketplace-ai-red-teaming-plugin@pluginagentmarketplace/custom-plugin-ai-red-teamingThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/learning-path.yamlreferences/LEARNING-PATHS.mdscripts/track-progress.pyBuild professional expertise through certifications, CTFs, and structured training programs.
Skill: certifications-training
Agent: 01-red-team-lead
OWASP: Full LLM Top 10 Coverage
NIST: Govern, Map, Measure, Manage
Use Case: Professional development
┌────────────────────────────────────────────────────────────────────┐
│ AI SECURITY CAREER PATH │
├────────────────────────────────────────────────────────────────────┤
│ │
│ ENTRY LEVEL (0-2 years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ Security Analyst → AI Security Analyst → Jr. Red Team │ │
│ │ Skills: Python, ML basics, Security fundamentals │ │
│ │ Certs: Security+, AI Fundamentals, CEH │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ ↓ │
│ MID LEVEL (2-5 years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ AI Red Team Engineer → Senior Red Team → Team Lead │ │
│ │ Skills: Adversarial ML, LLM security, Tool development │ │
│ │ Certs: OSCP, CAISP, Cloud AI certs │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ ↓ │
│ SENIOR LEVEL (5+ years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ Principal → Director → CISO (AI Focus) │ │
│ │ Skills: Strategy, Research, Thought leadership │ │
│ │ Certs: CISSP, Research publications, Speaking │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ │
└────────────────────────────────────────────────────────────────────┘
Certifications:
CAISP (Certified AI Security Professional):
provider: "(ISC)²"
focus: "AI Security Architecture"
prerequisites: "5 years security experience"
domains:
- AI/ML Security Fundamentals
- Secure AI Development
- AI Threat Modeling
- AI Governance & Compliance
renewal: "3 years, CPE credits"
value: "Industry recognized, comprehensive"
Google AI Red Team Certificate:
provider: "Google"
focus: "LLM Security Testing"
prerequisites: "ML experience recommended"
topics:
- Prompt injection attacks
- Model extraction
- Safety evaluation
- Responsible disclosure
format: "Online, self-paced"
value: "Vendor-specific, practical"
Microsoft AI-900:
provider: "Microsoft"
focus: "Azure AI Fundamentals"
prerequisites: "None"
topics:
- AI/ML concepts
- Azure AI services
- Responsible AI principles
format: "Exam-based"
value: "Entry-level, cloud-focused"
AWS Machine Learning Specialty:
provider: "Amazon"
focus: "ML on AWS"
prerequisites: "AWS experience"
topics:
- Data engineering
- Modeling
- ML implementation
- Security considerations
format: "Exam-based"
value: "Cloud-focused, practical"
Core Security Certifications:
OSCP:
provider: "Offensive Security"
relevance: "Penetration testing methodology"
ai_application: "API testing, infrastructure attacks"
difficulty: "High"
recommendation: "Highly recommended"
GPEN:
provider: "SANS"
relevance: "Enterprise penetration testing"
ai_application: "Comprehensive testing approach"
difficulty: "Medium-High"
recommendation: "Recommended"
CEH:
provider: "EC-Council"
relevance: "Ethical hacking fundamentals"
ai_application: "Basic attack techniques"
difficulty: "Medium"
recommendation: "Good starting point"
CISSP:
provider: "(ISC)²"
relevance: "Security architecture"
ai_application: "Security program design"
difficulty: "High"
recommendation: "For senior roles"
CCSP:
provider: "(ISC)²"
relevance: "Cloud security"
ai_application: "Cloud-hosted AI systems"
difficulty: "High"
recommendation: "For cloud-focused roles"
class AISecurityCTFs:
"""Catalog of AI security CTF competitions."""
CTF_CATALOG = {
"Tensor Trust": {
"focus": "Prompt injection defense",
"type": "ongoing",
"difficulty": "beginner_to_advanced",
"url": "https://tensortrust.ai/",
"skills_tested": [
"Prompt injection attack",
"Defense strategies",
"Jailbreak techniques"
],
"prizes": "Leaderboard ranking"
},
"HackAPrompt": {
"focus": "LLM jailbreaking",
"type": "annual",
"difficulty": "all_levels",
"organizer": "Learn Prompting",
"skills_tested": [
"Prompt engineering",
"Safety bypass",
"Creative attacks"
],
"prizes": "$35,000+ total"
},
"AI Village CTF": {
"focus": "General AI security",
"type": "annual",
"venue": "DEF CON",
"difficulty": "intermediate_to_expert",
"skills_tested": [
"Model attacks",
"Adversarial ML",
"LLM exploitation"
],
"prizes": "Recognition, swag"
},
"Adversarial ML CTF": {
"focus": "Image classification attacks",
"type": "conference",
"venue": "NeurIPS, CVPR",
"difficulty": "advanced",
"skills_tested": [
"Adversarial examples",
"Evasion attacks",
"Robustness evaluation"
],
"prizes": "Research recognition"
},
"Gandalf": {
"focus": "Prompt injection levels",
"type": "ongoing",
"difficulty": "beginner_to_intermediate",
"url": "https://gandalf.lakera.ai/",
"skills_tested": [
"Progressive prompt injection",
"Filter bypass",
"Secret extraction"
],
"prizes": "Learning experience"
}
}
Platforms:
Lakera (Red Team Arena):
focus: "LLM security"
cost: "Free"
features:
- Prompt injection challenges
- Jailbreak scenarios
- Leaderboard
url: "https://gandalf.lakera.ai/"
HackTheBox AI Labs:
focus: "AI/ML security"
cost: "Premium"
features:
- Realistic environments
- Progressive difficulty
- Write-ups available
url: "https://www.hackthebox.com/"
TryHackMe AI Paths:
focus: "Learning paths"
cost: "Freemium"
features:
- Guided learning
- AI security rooms
- Certificates
url: "https://tryhackme.com/"
PentesterLab:
focus: "Web + API security"
cost: "Subscription"
features:
- API testing skills
- Applicable to AI APIs
- Exercises with solutions
url: "https://pentesterlab.com/"
class LearningPathGenerator:
"""Generate personalized learning paths."""
PATHS = {
"beginner": {
"duration": "6 months",
"prerequisites": ["Basic Python", "Linux fundamentals"],
"modules": [
{
"name": "ML/DL Fundamentals",
"resources": [
"Fast.ai: Practical Deep Learning",
"Coursera: Machine Learning (Andrew Ng)",
"HuggingFace NLP Course"
],
"duration": "2 months"
},
{
"name": "Security Basics",
"resources": [
"TryHackMe: Pre-Security Path",
"OWASP Web Security Testing Guide",
"PortSwigger Web Security Academy"
],
"duration": "2 months"
},
{
"name": "AI Security Introduction",
"resources": [
"Gandalf (Lakera) - All levels",
"OWASP LLM Top 10 Study",
"Introduction to Adversarial ML (course)"
],
"duration": "2 months"
}
],
"certifications": ["CompTIA Security+", "AI-900"]
},
"intermediate": {
"duration": "12 months",
"prerequisites": ["ML experience", "Security fundamentals"],
"modules": [
{
"name": "Adversarial ML Deep Dive",
"resources": [
"Stanford CS234: Adversarial Robustness",
"ART (IBM) Tutorials",
"TextAttack Documentation"
],
"duration": "3 months"
},
{
"name": "LLM Security Specialization",
"resources": [
"PyRIT Documentation & Labs",
"garak Tool Mastery",
"Prompt Injection Research Papers"
],
"duration": "3 months"
},
{
"name": "Tool Development",
"resources": [
"Build custom probes for garak",
"PyRIT orchestrator development",
"Contribute to open source"
],
"duration": "3 months"
},
{
"name": "CTF Competition",
"resources": [
"Participate in AI Village CTF",
"HackAPrompt competition",
"Create CTF challenges"
],
"duration": "3 months"
}
],
"certifications": ["OSCP", "Google AI Red Team"]
},
"advanced": {
"duration": "24+ months",
"prerequisites": ["AI red team experience", "Research background"],
"modules": [
{
"name": "Original Research",
"resources": [
"Read latest papers (arXiv, OpenReview)",
"Conduct novel research",
"Publish findings"
],
"duration": "Ongoing"
},
{
"name": "Thought Leadership",
"resources": [
"Conference speaking (DEF CON, NeurIPS)",
"Blog writing",
"Tool development"
],
"duration": "Ongoing"
},
{
"name": "Mentorship",
"resources": [
"Mentor junior practitioners",
"Create training content",
"Community building"
],
"duration": "Ongoing"
}
],
"certifications": ["CISSP", "CAISP"]
}
}
Essential Reading:
Books:
- title: "Adversarial Machine Learning"
authors: "Joseph et al."
focus: "Attack and defense fundamentals"
level: "Intermediate"
- title: "Trustworthy Machine Learning"
authors: "Kang et al."
focus: "Safety, fairness, privacy"
level: "Advanced"
- title: "The Art of Prompt Engineering"
focus: "LLM interaction patterns"
level: "Beginner-Intermediate"
Research Papers:
- "Ignore This Title and HackAPrompt" (2023)
- "Universal and Transferable Adversarial Attacks" (2023)
- "Extracting Training Data from LLMs" (2023)
- "Jailbreaking LLMs: A Comprehensive Study" (2024)
Industry Reports:
- "OWASP LLM Top 10 2025"
- "NIST AI Risk Management Framework"
- "MITRE ATLAS Adversarial Threat Landscape"
- "Microsoft AI Red Team Reports"
class SkillTracker:
"""Track skill development progress."""
SKILL_MATRIX = {
"technical": {
"python_proficiency": ["basic", "intermediate", "advanced", "expert"],
"ml_fundamentals": ["none", "basic", "intermediate", "advanced"],
"adversarial_ml": ["none", "basic", "intermediate", "advanced"],
"llm_security": ["none", "basic", "intermediate", "advanced"],
"tool_proficiency": ["none", "user", "developer", "contributor"],
},
"offensive": {
"prompt_injection": ["none", "basic", "intermediate", "advanced"],
"jailbreaking": ["none", "basic", "intermediate", "advanced"],
"model_extraction": ["none", "basic", "intermediate", "advanced"],
"adversarial_examples": ["none", "basic", "intermediate", "advanced"],
},
"defensive": {
"input_validation": ["none", "basic", "intermediate", "advanced"],
"guardrails": ["none", "basic", "intermediate", "advanced"],
"monitoring": ["none", "basic", "intermediate", "advanced"],
"incident_response": ["none", "basic", "intermediate", "advanced"],
},
"professional": {
"reporting": ["none", "basic", "intermediate", "advanced"],
"communication": ["none", "basic", "intermediate", "advanced"],
"research": ["none", "basic", "intermediate", "advanced"],
"mentorship": ["none", "basic", "intermediate", "advanced"],
}
}
def generate_development_plan(self, current_skills, target_role):
"""Generate personalized development plan."""
gaps = self._identify_gaps(current_skills, target_role)
return DevelopmentPlan(
gaps=gaps,
resources=self._recommend_resources(gaps),
timeline=self._estimate_timeline(gaps),
milestones=self._set_milestones(gaps)
)
Communities:
AI Village:
platform: "Discord, DEF CON"
focus: "AI security research"
activities: "CTFs, talks, research"
url: "https://aivillage.org/"
OWASP AI Security:
platform: "OWASP Slack, GitHub"
focus: "AI application security"
activities: "Projects, documentation"
url: "https://owasp.org/www-project-ai-security/"
MLSecOps:
platform: "Slack, Conferences"
focus: "ML security operations"
activities: "Best practices, tools"
AI Safety:
platform: "Various"
focus: "AI alignment and safety"
activities: "Research, discussion"
Issue: Don't know where to start
Solution: Begin with Gandalf challenges, then TryHackMe AI rooms
Issue: Certification too expensive
Solution: Focus on free CTFs and open-source tool contributions
Issue: No practical experience
Solution: Participate in bug bounties, contribute to open source
Issue: Skill plateau
Solution: Try research, teaching, or tool development
| Component | Purpose |
|---|---|
| Agent 01 | Career guidance |
| /analyze | Skill gap analysis |
| Community | Networking |
| CTF platforms | Practical experience |
Build AI security expertise through structured learning.
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.