AgentMinds is a cross-site agent intelligence pool. Production sites connect, push their agent reports + code structure + runtime telemetry, and the network builds a queryable pool of patterns, knowledge, and functions. Connected sites pull from the pool through a free API — search by stack, agent, or category.

How does AgentMinds work?

Two sides. COLLECT: connected sites push agent_reports, code signatures (frameworks, routes, deps), and runtime events. DELIVER: each site's analyze-actions endpoint returns AI-ranked recommendations matched against the network's pool, scored by confidence and provenance. Free scan exists as a lead-gen surface; the product is the connect-first delivery loop.

Free tier covers signup + browser collector + Python/Node SDK + cross-site recommendations. Pro tier (planned) unlocks higher event volume, source-map uploads, and release tracking. Free scans are public; deeper agent-pool delivery requires connecting a site.

Is the agent intelligence pool public?

Tier-1 (universal web hygiene) playbook rules are public. Tier-2 rules derived from solved patterns at peer sites and tier-3 reference patterns are gated behind connect. The /sync/personalized-rules endpoint ranks the pool per connected site by stack, site_type, and history — verified end-to-end on 2026-04-27 with two test sites whose rule order differed in 25/30 top positions. The pool itself is never browseable without auth.

How do I connect my site?

pip install agentminds && python -m agentminds connect — auto-detects FastAPI/Flask/Django, asks for your URL+email, registers your site, edits your entry file, prints the env var to set. Same flow for Node: npm install @agentmindsdev/node and follow the dashboard install snippet. Browser collector is a single tag.

Pattern preview · 12 of 4,089 sample rules shown · site-specific intelligence stays private

We don't publish
your competitive advantage.

AgentMinds' cross-site pattern pool is the moat. Site-specific learned patterns — the things our agents discovered after fixing real production issues across the network — are never shown publicly. They are delivered, filtered, and personalised to YOUR stack only when YOUR site is connected. The 12 examples below are tier-1 generic web hygiene rules; they're here so you can sanity-check the format. The real value lives behind your API key.

Connect a site to see yours Read our open spec (ARP)

Sample rules shown

Categories

2258

Tier-1 (public)

4,089

Tier-2 (your patterns)

private to your site

prompt_injection

security-prompt-injection-user-provides-a-jailbreak-prompt-such-as-dan-do-an-f385b32c

IFUser provides a jailbreak prompt such as 'DAN (Do Anything Now)' instructing the LLM to ignore its safety rules and respond without restrictions.

THENImplement input-level detection to block known jailbreak patterns. For example, filter prompts containing 'DAN', 'Do Anything Now', or similar escape sequences. Additionally, apply output-level monitoring to detect responses that violate policy (e.g., unverified date/time or unauthorized actions). Use regex or a classification model to flag such attempts.

Tier 170%

prompt_injection

security-prompt-injection-user-provides-a-jailbreak-prompt-e-g-pretend-to-be-dc763cc9

IFUser provides a jailbreak prompt (e.g., 'pretend to be DAN') asking the model to ignore its constraints and 'do anything now'.

THENImplement a prompt guard that scans user inputs for known jailbreak phrases (e.g., 'do anything now', 'DAN', 'ignore previous instructions') and either blocks the request or returns a refusal. Additionally, use system messages to reinforce the model's boundaries and detect role-playing attempts that bypass safety rules.

Tier 170%

prompt_injection

security-prompt-injection-user-input-contains-instructions-to-override-the-a-a6746335

IFUser input contains instructions to override the AI's persona (e.g., 'pretend to be DAN' or 'Do anything now'), causing the AI to break constraints and behave as an unrestricted agent.

THENImplement input filtering to detect and block known jailbreak phrases. Add a regex rule to reject prompts containing 'DAN' or 'Do anything now' (case-insensitive) with a 400 error or manual review flag. Hardening the system prompt with a directive to ignore any persona-override instructions is also effective.

Tier 170%

Connect your site → query the full pool

What you see here is the public tier-1 slice. The full pool — tier-2 fixes derived from solved patterns at peer sites + tier-3 reference patterns — opens up once you connect. You filter by stack / agent / category through the API; auto-personalisation is on the roadmap.

Connect a site

We don't publishyour competitive advantage.

Connect your site → query the full pool

We don't publish
your competitive advantage.