AI-powered cloud security auditing platform. Combines static infrastructure scanning with Claude AI analysis to surface exploitability — not just vulnerability lists.

| OWASP LLM Risk | ID | Control |
|---|---|---|
| Prompt Injection | LLM01 | Pattern detection on user-controlled input reaching model context |
| Insecure Output Handling | LLM02 | Output validation — detects unsanitized model responses piped to shell/eval |
| Sensitive Information Disclosure | LLM06 | PII regex scan on prompts before model submission |
| Excessive Agency | LLM08 | Detects autonomous action patterns without human-in-the-loop gates |

| Scanner | Target | Detections |
|---|---|---|
| Docker | Dockerfile + compose | Root execution, missing digest pins, exposed ports, hardcoded secrets, missing resource limits |
| Secrets | Full codebase | API keys, AWS credentials, private keys, database connection strings |
| CVE Analysis | Any CVE ID | Exploitability against your stack, blast radius, AI-generated remediation path |
| OWASP LLM | LLM application code | LLM01, LLM02, LLM06, LLM08 — static pattern analysis |

```
secureai/
├── cli.py
├── scanners/
│   ├── docker.py      # Dockerfile + compose static analysis
│   └── secrets.py     # Secrets detection engine
├── analyzers/
│   └── cve.py         # AI CVE analysis via Claude API
├── reporters/
│   └── html.py        # HTML report generator
└── utils/
    ├── severity.py    # CVSS-aligned severity scoring
    └── output.py      # Terminal output formatting
```

```bash
secureai scan docker --path ./
secureai scan secrets --path ./
secureai analyze cve CVE-2024-23342
secureai report --output reports/
```

Python 3.11 · Claude API (claude-sonnet) · Click · Pytest · Gitleaks · Semgrep
28 tests — TDD-first. Word boundary assertions enforce false-positive prevention on output path detection (LLM02).

```bash
pytest tests/ -v
```
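
The LLM02 control and the word-boundary point above, as an added illustration (not SecureAI's own code): a minimal static check that flags model output reaching an execution sink while leaving look-alike names such as `retrieval(` or `literal_eval(` alone. The function name `scan_llm02`, the sink list and the variable names treated as model output are assumptions made for this example.

```python
import re

# Execution sinks (assumed list). The lookbehind rejects a preceding word
# character or dot, so "retrieval(", "literal_eval(" and "model.eval(" do not
# match; requiring "(" right after the name rules out "evaluate(".
SINK_RE = re.compile(
    r"(?<![\w.])(eval|exec|os\.system|subprocess\.(?:run|call|Popen))\s*\("
)

# Names assumed to hold model output. \b stops "response" from matching
# inside "response_schema" or "http_response".
TAINT_RE = re.compile(r"\b(?:response|completion|llm_output)\b")


def scan_llm02(source: str) -> list[dict]:
    """Return one finding per sink call whose arguments mention model output."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = line.split("#", 1)[0]  # naive comment strip; ignores '#' in strings
        for match in SINK_RE.finditer(code):
            if TAINT_RE.search(code[match.end():]):
                findings.append(
                    {"rule": "LLM02", "line": lineno, "sink": match.group(1)}
                )
    return findings


# Constructed sample input: two true positives, six look-alikes.
SAMPLE = """\
response = call_model(prompt)
os.system(response.text)
result = eval(completion)
docs = retrieval(response)
parsed = ast.literal_eval(response)
model.eval()
score = evaluate(response_schema)
subprocess.run(["ls", "-l"])
"""

if __name__ == "__main__":
    for finding in scan_llm02(SAMPLE):
        print(finding)
```

This is line-based pattern matching only: it does not follow data flow, so model output that is renamed before it reaches a sink is missed.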
- ADR-001 — CLI Architecture
- ADR-002 — AI Integration Approach
- ADR-003 — Secrets Detection Patterns
- ADR-004 — OWASP LLM Top 10 Implementation
- Docker infrastructure scanner
- Secrets detection engine
- AI CVE analysis
- OWASP LLM Top 10 scanner (LLM01, LLM02, LLM06, LLM08)
- AWS infrastructure auditor
- SBOM generation via Syft CycloneDX
- Real-time CVE monitoring
- Security dashboard
MIT