Caido

Announcing AI-driven Caido

Introducing the new Client SDK and AI Skill

Author Image

Joseph Thacker

March 6, 2026

3 min read

Everyone I know in the security space is experimenting with coding agents and autonomous testing tools.

The biggest issue is that most of these companies are building their own HTTP proxy/intercept functionality from scratch when there's already a premier proxy sitting right there to be tapped-into.

And many individual operators are using coding agents as "homegrown" hackbots which are using curl or writing custom scripts to make, edit, and send requests. This makes human reproduction and validation much harder.

Introducing the Caido Skill

As a solution to both of these problems, I've been working with the Caido team on a new skill that gives AI agents full control over Caido's capabilities using Caido's new Caido SDK client.

You get a clean interface for replay sessions, findings, requests, etc. All the stuff you'd normally click through manually. Your agent can now do it programmatically with a few lines of code.

This streamlines writing raw GraphQL queries, snagging auth tokens from one request and plopping them into another one for IDOR testing, etc. The SDK makes it 10x faster to hack.

Why use it?

Using this skill in my personal hackbot, I've found 15 vulnerabilities in the last 6 weeks. All but a couple are High and Critical vulnerabilities. It's a huge part of my AI Hacking success.

Vulnerabilities aside, there are several reasons why this is the ideal solution for how agents should hack things.

Human-in-the-loop

I think for most orgs, the real killer feature is the human-in-the-loop angle. Your agent does its thing, populates findings, creates replay sessions. Then you pop open Caido and everything's right there in the same interface you already know. You can manually verify what the agent found, tweak requests, dig deeper.

The fact all of the agent's request editing show up in the replay tab (and it can name the replay tabs appropriately!) means human-in-the-loop is ALWAYS an option.

Token Efficiency

Minimal token use: AI Agents writing cookies and processing huge responses eats up tokens and increases costs massively. The SDK is very malleable and precise with how it can be used by agents so that it never bloats the context.

It's extremely well documented so smaller models like sonnet and haiku can even use it.

This skill can also be used by subagents so the "main" session doesn't run out of context.

Portability

Caido's client/server architecture means you can run workers anywhere and they can access your Caido instance to pull latest cookies/auth, edit requests, search for juicy endpoints.

This also means you have a workspace file you can give clients of all the traffic requests, scopes, filters, findings, and match/replace rules.

How to use it?

The skill can be found here: https://github.com/caido/skills. You also snag it with the Vercel skills cli:

pnpx skills add caido/skills --skill='*'

Give it a star if you like it and send us some suggestions!

I think there are some exciting partnership opportunities between Caido and autonomous pentesting companies or even internal security teams. If you're interested in hearing more, reach out to them at info@caido.io.

If you want to learn more about how I leverage AI in Bug Bounty, check out my blog post on the agentic hacking era.

Caido

Get Started with Caido today

Join the ranks of professionals who are switching to Caido for their security testing needs.

We value your privacy

We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Click "Essential Only" to only allow cookies necessary for the website to function.