Can You Break an AI Guardrail? APort Vault Is Open — $6,500 on the Line
Source: Dev.to
Overview
I want to find out where my AI guardrails fail – and I’m willing to pay you to help me discover the gaps.
APort Vault is live today. It’s a Capture‑The‑Flag challenge built on top of APort’s agent authorization layer, the guardrail system that intercepts every tool call an AI agent makes before it executes. Your job: break it.
The competition runs for two weeks, ending March 12, 2026.
What is APort?
APort is an AI‑agent authorization layer. Before an AI agent executes any tool—write a file, call an API, send an email, query a database—the guardrail evaluates the request against a versioned policy and returns allow or deny in ~40 ms.
APort Vault puts you on the other side of that decision. You’re not looking for classic bugs like SQL injection or memory leaks; you’re probing the places where a language model’s intent evaluation can turn a DENY into an ALLOW.
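The pre-action authorization pattern described above, as an added example that is not part of the original post and is not APort's code or API: a deny-by-default gate that decides on the structured tool call and records each decision with the policy version. The policy format, tool names and the `authorize` / `guardedCall` functions are hypothetical.

```javascript
// Hypothetical versioned policy: any tool not listed here is denied.
const POLICY = {
  version: "2026-02-26.1", // constructed version label
  tools: {
    "file.write": { pathPrefix: "/workspace/" },
    "http.request": { hosts: ["api.example.com"], methods: ["GET"] },
  },
};
const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
// Resolve "." and ".." so "/workspace/../etc/passwd" fails the prefix check.
function normalizePath(p) {
  const out = [];
  for (const part of p.split("/")) {
    if (part === "..") out.pop();
    else if (part !== "" && part !== ".") out.push(part);
  }
  return "/" + out.join("/");
}
// Each check returns null when the arguments satisfy the rule, else a reason.
const CHECKS = {
  "file.write": (rule, args) =>
    typeof args.path === "string" && args.path.startsWith("/") &&
    normalizePath(args.path).startsWith(rule.pathPrefix) ? null : "path not allowed",
  "http.request": (rule, args) => {
    const url = new URL(args.url); // throws on garbage; authorize() fails closed
    if (url.protocol !== "https:") return "non-https url";
    if (!rule.hosts.includes(url.hostname)) return "host not allowlisted";
    return rule.methods.includes(args.method) ? null : "method not allowed";
  },
};

// Decide on the structured call only, never on free text supplied with it.
function authorize(call, policy, auditLog) {
  let reason = "tool not in policy"; // deny by default
  if (own(policy.tools, call.tool) && own(CHECKS, call.tool)) {
    try { reason = CHECKS[call.tool](policy.tools[call.tool], call.args || {}); }
    catch (err) { reason = "check failed: " + err.message; }
  }
  const record = { tool: call.tool, decision: reason ? "deny" : "allow",
                   reason, policyVersion: policy.version };
  auditLog.push(record); // every decision is logged with the policy version
  return record;
}
// The tool implementation runs only after an explicit allow.
function guardedCall(call, impl, policy, auditLog) {
  const verdict = authorize(call, policy, auditLog);
  if (verdict.decision !== "allow") throw new Error("denied: " + verdict.reason);
  return impl(call.args);
}
```

Unknown tools, inherited property names such as `constructor`, and checks that throw all end in a deny, so an error in the gate never becomes an allow.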
Challenge Structure
The CTF consists of five levels, each targeting a different class of attack. They escalate quickly:
| Level | Focus | Reward |
|---|---|---|
| 1 | Prompt Injection Basics | — |
| 2 | Policy Ambiguity | — |
| 3 | Context Poisoning | $500 Chimoney |
| 4 | Multi‑Step Reasoning | $1,000 Chimoney |
| 5 | Full System Bypass | $5,000 Chimoney |
Total prize pool: $6,500, paid out via Chimoney (real money, supported in 130+ countries).
Who Should Participate?
- Prompt‑injection researchers: Levels 1 & 2 will feel familiar.
- AI‑agent developers: Play before you ship; two hours of testing can save weeks of production debugging.
- Security researchers: Level 5 presents a genuine research problem that hasn’t been solved from the inside.
- CTF newcomers: Levels 1 & 2 are free, no registration required—just show up and try.
Successful bypasses are tracked on a public leaderboard with timestamps and audit trails. The first to crack each level gets bragging rights; everyone who reaches Level 3 or higher is named on the leaderboard.
How to Participate
- Visit vault.aport.io.
- No sign‑up is required for Levels 1 & 2.
- Use GitHub login for Levels 3–5 (so we can verify and pay winners).
- Read the challenge brief and start testing.
Competition closes March 12, 2026 at 11:59 PM ET.
Why This Matters
I built APort to solve a real problem: AI agents need pre‑action authorization the same way web apps need per‑request authentication. The pattern exists everywhere else in security, but it doesn’t exist for AI agents—yet.
My internal test suite only covers the space I imagined. Adversarial testing by developers who want to win cash maps the space I didn’t anticipate. Every bypass you find makes the guardrails stronger—that’s the deal.
Related Resources
- AI Passports: A Foundational Framework
- Agent Registries & Kill Switches
Links
- APort
- APort Vault
- Leaderboard
- npm package: @aporthq/aport-agent-guardrails
Start competing → vault.aport.io