8 Security Scanners
Purpose-built scanners covering the OWASP Top 10 for LLM Applications.
MCP Server Audit
Deeply inspect your MCP server for dangerous tool exposure, overprivileged permissions, insecure configurations, and attack surfaces that could let a bad actor hijack your agent's actions.
What We Check
Detects shell_exec, eval, system calls without proper sandboxing
Identifies unrestricted file read/write operations
Detects tools that override built-in functions
Identifies parameters without type checking or sanitization
Flags tools with overly broad access patterns
Scans for API keys, tokens, and credentials in code
Identifies tools without usage throttling
Prompt Injection Tester
Fire 25+ real-world jailbreak payloads at your LLM endpoint — including DAN attacks, role-play exploits, encoding bypasses, and instruction overrides — to see what your model will do when an attacker gets creative.
What We Check
Payloads that directly manipulate system prompts
Do Anything Now (DAN) and other persona-based bypasses
Attempts to leak system prompts or instructions
Hypothetical scenarios that bypass safety
Base64, ROT13, and other encoding tricks
False memory and multi-turn attacks
Tool Fuzzer
Hammer your tool definitions with path traversals, SQL injections, oversized inputs, null values, and malformed JSON to expose how your tools behave under adversarial conditions.
What We Check
../../../etc/passwd and similar payloads
SQL payloads in string parameters
__proto__ and constructor injection
Passing wrong types (string vs number vs array)
Empty strings, huge inputs, negative numbers
Embedded nulls to truncate strings
Deeply nested objects, circular references
SSRF Detection
Test any endpoint that fetches external URLs for Server-Side Request Forgery vulnerabilities — catching cases where attackers could redirect your server to hit internal infrastructure, cloud metadata endpoints, or private networks.
What We Check
AWS/GCP/Azure metadata URLs (169.254.169.254)
Private IP ranges (10.x, 172.16.x, 192.168.x)
127.0.0.1, 0.0.0.0, [::1] and other variants
Time-based DNS resolution attacks
file://, gopher://, dict:// protocols
Data Leak Scanner
Scan your codebase for hardcoded API keys, secrets, tokens, and exposed PII before they end up in a GitHub repo or a production log that someone else is reading.
What We Check
AWS, OpenAI, Stripe, and other API keys in code
Passwords and tokens in plaintext
Names, emails, SSNs, credit cards in code
RSA, SSH, and other private keys
Connection strings with embedded passwords
Hardcoded JWT signing secrets
Permission Analyzer
Audit your tool and agent permission configurations for privilege escalation paths, overly broad scopes, and access patterns that violate least-privilege principles.
What We Check
Tools that can read/write any path
Outbound connections without restrictions
Shell execution without sandboxing
Direct DB connections without query restrictions
Paths to gain elevated permissions
Tools that don't verify caller identity
Output Validator
Analyze code that renders or displays LLM-generated output for XSS vulnerabilities, HTML injection, and unsafe rendering patterns that could turn your chatbot into an attack vector.
What We Check
Unsafe innerHTML, dangerouslySetInnerHTML
Unescaped HTML in LLM output
JavaScript execution in rendered content
Malicious URLs in generated links
Style-based attacks in output
Unsafe markdown rendering
Dependency Scanner
Check every AI and LLM package in your stack against known CVE databases to surface vulnerable dependencies before they become your weakest link.
What We Check
Checks npm/pip packages against vulnerability databases
Known typosquatting or compromised packages
Packages significantly behind latest version
LangChain, OpenAI SDK, and other AI packages
Identifies copyleft and problematic licenses