SecEng Attack · Labs
Prompt Security Reviewer
Deterministic rule-based scanner for system prompts and RAG corpus documents. Detects policy gaps, secret leakage, and embedded prompt-injection phrases without LLM calls.
- • Prompt policy review: role boundaries, secret handling, tool authorization, output safety
- • Secrets detector: API keys, tokens, database URLs, private keys — always redacted
- • KB/corpus scanner: embedded injection, credential exfiltration phrases, tool misuse instructions
- • Export findings as JSON or Markdown
No LLM calls required
All scans run entirely in-browser. Nothing leaves your machine.
18
Rules
9
Secret detectors
5
Corpus dictionaries
OWASP LLM · NIST AI RMF · STRIDE
Standards covered
Prompt Security Reviewerstatic analysis
by aisecurity.llc › AI security engineering
Fixture-driven · Deterministic · No LLM calls
In-browserPrivacy-first
Next step
Need a full AI security review?
We assess LLM deployments, prompt architecture, RAG pipelines, and agent trust boundaries — and deliver findings mapped to OWASP LLM Top 10, NIST AI RMF, and ISO 42001.