Skip to main content

Overview

Nyx is Fabraix’s offensive AI agent. You define the target, objective, and budget; Nyx works against it until it finds a vulnerability or exhausts the budget. Most users interact with Nyx through the @fabraix/nyx CLI. The endpoints documented here are what the CLI calls under the hood - use them directly to integrate Nyx into CI/CD pipelines or custom tooling.
Nyx is built on our research work, including ACE (Adversarial Cost to Exploit), a dynamic benchmark measuring the token expenditure an adversary must invest to breach an LLM-backed agent.
Nyx is currently a small, focused API: submit a run, poll for status, download the report. Most workflows only need three endpoints.

Base URL

https://api.fabraix.com/v1

Authentication

Unlike Arx (which uses x-api-key), Nyx authenticates with a verification token issued by nyx login or stored in the NYX_TOKEN environment variable. Pass it in the X-Verification-Token header: 
curl -H "X-Verification-Token: $NYX_TOKEN" https://api.fabraix.com/v1/nyx/runs

Available Endpoints

POST /nyx/runs

Submit a new adversarial audit run

GET /nyx/runs/{run_id}

Poll run status, spend, and findings count

GET /nyx/runs/{run_id}/report

Download the full markdown audit report once a run completes

Install the CLI

npm install -g @fabraix/nyx
nyx login
nyx run playground.yaml
See the Nyx README for full CLI usage.