Microsoft has released two new open-source tools—RAMPART and Clarity—aimed at improving how developers design, test, and secure AI agents throughout the development lifecycle. The announcement marks a broader push to embed safety and risk assessment directly into the earliest stages of AI system building.
RAMPART Brings Security Testing Directly Into AI Development
The first tool, RAMPART (Risk Assessment and Measurement Platform for Agentic Red Teaming), is designed as a testing framework integrated with Pytest. It enables developers to simulate and evaluate both malicious and non-malicious scenarios to identify potential vulnerabilities in AI agents before deployment.
RAMPART allows engineers to create test cases that probe AI systems for issues such as prompt injection attacks, where untrusted external inputs influence system behavior. It can also help detect risks like unintended data exposure, behavioral inconsistencies, and tool misuse.
To function, RAMPART only requires an adapter that connects an AI agent to its testing environment. Once integrated, it runs structured security evaluations and generates detailed reports on potential weaknesses. The platform builds upon Microsoft’s earlier security initiative, PyRIT, which was introduced as a framework for identifying risks in AI systems after deployment.
Clarity Acts as a Pre-Development AI Design Advisor
The second tool, Clarity, is focused on the design phase of AI systems. It works as an interactive planning assistant that helps development teams refine ideas before any code is written. Microsoft describes it as a “thinking partner” that challenges assumptions and encourages structured decision-making.
Clarity guides users through key stages such as defining problems, exploring solution options, identifying possible failures, and documenting design decisions. By doing so, it aims to reduce the risk of flawed architectural choices early in the development process.
According to Microsoft, the goal is to ensure that critical design considerations—such as access permissions or tool integrations—are properly evaluated before implementation begins.
Shifting AI Safety to the Earliest Stage of Development
Microsoft emphasized that both tools are designed to move security and design validation “left” in the development lifecycle, meaning they are applied earlier rather than after systems are built.
The company noted that early-stage evaluation helps reduce costly redesigns and prevents security issues from becoming deeply embedded in production systems. It also allows teams to better understand and document why certain architectural decisions are made.
A member of Microsoft’s AI Red Team explained that the intention is to help engineers and product teams challenge assumptions before development progresses too far, when changes are still easier and less expensive to implement.
Turning AI Safety Into Continuous Engineering Practice
Unlike traditional post-development security assessments, RAMPART and Clarity are intended to function as ongoing engineering tools. RAMPART focuses on reproducible testing of AI systems, while Clarity captures design reasoning and assumptions in a structured format.
Together, they aim to transform AI safety from a one-time review process into a continuous, traceable practice throughout development and deployment.
Microsoft highlighted that this approach also helps standardize red teaming insights, making them reusable and easier to scale across different AI projects.
Conclusion
With the release of RAMPART and Clarity, Microsoft is reinforcing its focus on building safer AI systems by integrating security testing and design validation directly into the development pipeline. The tools are positioned to help developers identify risks earlier, improve transparency in decision-making, and strengthen the overall reliability of AI agents.
