Show HN: VoiceGoat – A vulnerable voice agent for practicing LLM attacks

Category: security

Tags: security, llm, voice-agent, ctf, red-teaming, educational

Score: 7.5/10 (Innovation: 8, Technical: 7, Documentation: 8, Utility: 7)

VoiceGoat is a purposely vulnerable voice agent platform designed for security practitioners to practice exploiting LLM-based voice systems, covering OWASP Top 10 vulnerabilities like prompt injection and excessive agency. It combines a CTF-style gamification with realistic infrastructure (Docker, Twilio integration) and supports multiple LLM providers. The project is innovative in its focused educational niche, combining voice AI security with hands-on red team training.

Target audience: security practitioners, red teamers, penetration testers

Repository: https://github.com/redcaller/voice-goat · Python · NOASSERTION · 1 stars

View on Hacker News