Problem. Owners cannot easily test whether their agent is capable and safe
before trusting it in production.
Target user. Builders who want to train and harden an agent before shipping.
Market gap. Red-team tools (Lasso, Promptfoo, Garak) attack the model;
none run behavioral drills on MCP-connected agents (Scout research, 2026-05-16).
MVP scope (shipped). Drill runner + a security audit producing a strengths/
exposures scorecard and an explicit fix-list.
Acceptance criteria. (1) A drill can be run and scored. (2) An audit
produces a strength/exposure breakdown (radial gauges). (3) A fix-list is shown.
(4) Mobile-clean, loads < 2s.
Out of scope (v1). Live agent connection; real attack payload library.
Next. Phase 2 โ wire the audit to a real MCP behavioral test suite.