NEW

Start with the pressure: sales, launch, abuse, agents, data, or guardrails

Use the engagement router
aisecurityllc
Log inStart AI Security Assessment
aisecurityllc
Start AI Security Assessment

SECENG WORKBENCH

AI Attack-Path SAST

Turn AI code risk into attack paths engineering teams can fix.

Scan LLM apps, RAG workflows, MCP servers, browser agents, AI coding agents, tool-calling systems, and AI gateways for AI-native code risk. SecEng Code Scanner groups static signals into attack paths, ranks CVE candidates without overstating exploitability, generates safe validation plans, and exports Jira, SARIF, VS Code, and buyer-ready marketplace evidence.

Request Mini-ScanSee Marketplace Readiness
WHERE CAN AI CODE BECOME AN ATTACK PATH?

AI-native SAST

Static signals grouped into attack paths instead of noisy line-by-line findings.

MCP / RAG / agents

Targets LLM apps, RAG workflows, browser agents, AI coding agents, and tool-calling systems.

SARIF / VS Code / Jira

Exports developer-ready diagnostics, tickets, and evidence with the language teams already use.

Marketplace-ready evidence

Supports AppExchange, AgentExchange, Splunkbase, GitHub, VS Code, and CI readiness workflows without claiming certification.

Early access

Licensed tooling plus Workbench-backed delivery for teams that need speed now.

SecEng Workbench

AI Attack-Path SAST

Early access

Attack-path SAST

Static signals grouped into source → sink → missing-guard paths.

Marketplace readiness

Pre-submission evidence for app review and security-review blockers.

CVE candidate triage

Rank likely research candidates without overstating exploitability.

Developer exports

SARIF, VS Code diagnostics, Jira tickets, Markdown, and control matrices.

Safe validation planning

Mock-first harness plans for MCP tools, browser actions, RAG tenant boundaries, model JSON dispatch, prompt logging, and unsafe render paths.

SARIFVS CodeJiraMarkdownControl matrix

Attack-path SAST

Static signals grouped into source → sink → missing-guard paths

Marketplace readiness

Evidence for app review, buyer review, and submission blockers

CVE candidate triage

Rank likely research candidates without overclaiming

SARIF / VS Code / Jira

Developer exports and remediation queues

Core capabilities

What SecEng Code Scanner does.

Target Profiling

Identify MCP servers, RAG systems, browser agents, AI coding agents, tool-calling apps, AI gateways, and model supply-chain surfaces before scanning deeper.

AST-lite Enrichment

Extract entrypoints, sources, sinks, guards, missing controls, framework signals, and path context from AI code.

Attack-path Grouping

Compress noisy static findings into prioritized AI attack paths: model/tool/source/sink/guard relationships that engineering teams can review and fix.

CVE-likelihood Scoring

Separate vulnerability candidates from commercial control gaps, test-only noise, and low-context static signals.

Safe Validation Planning

Generate mock-first harness plans for MCP tools, browser actions, RAG tenant boundaries, model JSON dispatch, prompt logging, and unsafe render paths.

Evidence Export

Export SARIF, VS Code diagnostics, Jira-ready tickets, disclosure case drafts, control matrices, and buyer evidence packages.

Evidence & signals

What you get out of the box.

Risk Classes

  • MCP tool side effects without approval
  • Browser-agent actions without domain or action policy
  • RAG/vector retrieval without tenant boundaries
  • Model-generated JSON controlling trusted actions
  • Prompt, log, trace, and cache exposure before redaction

Outputs

  • AI Code Attack-Path Report
  • CVE Candidate Register
  • Safe Validation Plan
  • Marketplace Readiness Report
  • Jira Tickets
  • SARIF

Evidence Levels

  • Raw signal
  • AST-enriched finding
  • Grouped attack path
  • Validation planned
  • Safe-dry-run validated
  • Vendor/disclosure candidate

Red team + Blue team

Built for both sides of the security equation.

Red Team Use

  • Seed adversarial testing with code-derived attack paths instead of waiting for runtime failures.
  • Rank likely CVE candidates without pretending every static result is exploitable.
  • Generate safe validation plans for marketplace, partner, and enterprise review blockers.

Blue Team Use

  • Turn AI code findings into Jira-ready fixes, control gaps, and buyer evidence.
  • Use SARIF, VS Code diagnostics, and markdown reports in the development workflow.
  • Package marketplace-readiness artifacts without claiming official certification or replacing review.

Risk classes

AI-native risks classic SAST misses.

Code Scanner looks for the places where AI code creates delegated action, data exposure, unsafe rendering, policy bypass, or evidence gaps. The output is not a pile of raw static findings. It is a review path.

MCP tool side effects without approval

Browser-agent actions without domain or action policy

RAG/vector retrieval without tenant boundaries

Model-generated JSON controlling trusted actions

Prompt, log, trace, and cache exposure before redaction

Streaming model output rendered as unsafe HTML or markdown

AI gateway auth, budget, and model-policy gaps

Unsafe model artifact loading and unpinned supply-chain paths

Missing forensic evidence for AI actions

Outputs

What it produces.

The deliverable set is built for engineering, marketplace readiness, buyer security review, and disclosure triage when the evidence supports it.

AI Code Attack-Path Report

CVE Candidate Register

Safe Validation Plan

Harness Plan

Disclosure Case Draft

Buyer Evidence Package

Marketplace Readiness Report

Control Matrix

Jira Tickets

VS Code Diagnostics

SARIF

Differentiation

Not another noisy scanner.

Classic SAST emits findings. SecEng Code Scanner emits AI attack paths: where model output, tools, source data, sinks, and missing guards combine into reviewable risk.

Generic SAST

dangerous calls

SecEng Code Scanner

model/tool/source/sink/guard paths

Generic SAST

raw findings

SecEng Code Scanner

prioritized AI attack paths

Generic SAST

generic remediation

SecEng Code Scanner

Jira-ready fixes and control evidence

Generic SAST

pass/fail output

SecEng Code Scanner

validation plans, CVE candidates, and marketplace evidence

Evidence levels stay explicit

Static does not mean exploitable.

SecEng Code Scanner does not claim every static result is exploitable. Findings are labeled by evidence level so product, security, legal, and engineering teams know what can be said, what needs validation, and what belongs in a private remediation backlog.

Raw signalAST-enriched findingGrouped attack pathValidation plannedSafe-dry-run validatedVendor/disclosure candidatePublic advisory candidate

Marketplace readiness

Prepare evidence before official review.

Use Code Scanner for pre-submission evidence, submission blocker reports, buyer-review proof, and remediation planning for AI-enabled apps, managed packages, partner apps, extensions, and integrations.

It supports readiness workflows. It does not replace official Salesforce, Splunk, GitHub, AWS, partner, or marketplace security review.

Architecture

A meta-engine for AI code review evidence.

SecEng Code Scanner combines native AI security rules, source-context enrichment, path grouping, validation planning, and evidence export. It can also ingest customer-owned scanner output when the customer has the right to use it.

Import support does not mean SecEng bundles or resells third-party commercial tools or maintained rule sets.

Engine stages

  • Native SecEng AI rulepacks
  • AST-lite enrichment
  • Target profiling
  • Attack-path grouping
  • CVE-likelihood scoring
  • Harness planning
  • Disclosure-case generation
  • Buyer-evidence export
  • SARIF/import adapters

Inputs it can consume

  • native SecEng scan output
  • SARIF
  • customer-owned Semgrep JSON/SARIF output
  • CodeQL, Snyk, or Sonar output where the customer has rights
  • Salesforce Code Analyzer output where applicable
  • Splunk AppInspect output where applicable

Pricing & access

Start with tooling. Add expert review when the stakes are higher.

Use a license for repeatable scanning and developer exports, or scope a Workbench-backed review when a marketplace submission, enterprise buyer, or disclosure candidate needs human triage.

AI Code Mini-Scan

$499 one-time

Find the top AI attack paths in one private repo. Attack-path report, SARIF, Markdown, and validation plan. No subscription required.

Request Mini-Scan

Starter

$199/mo

1 private repo, monthly scans, AI attack-path report, SARIF and Markdown exports.

Team

$599/mo

3 private repos, weekly scans, VS Code/SARIF/Jira exports, buyer evidence package, control matrix, and safe validation plans.

Marketplace Pro

$1,299/mo

5 apps/repos/packages, marketplace-readiness reports, white-label evidence, CVE candidate triage, variant and patch-diff checks.

Start Code ScannerView pricing

AI SECURITY ENGINEERING WORKBENCH

Ready to put SecEng Code Scanner to work?

Start with a licensed scan or scope a Workbench-backed review. We’ll identify AI-native code attack paths, rank the evidence, and produce the remediation and marketplace-readiness artifacts your team can actually use.

Request Mini-ScanSee the full Workbench
View pricing →

Also in the Workbench

WHAT AI DO WE HAVE?

SecEng Surface Scanner

Browser, Repo & IDE AI Discovery

Explore

WHAT DID IT ACTUALLY DO?

SecEng Runtime Proxy

MITM Capture, Replay & Runtime Evidence

Explore

HOW CAN IT FAIL UNDER ATTACK?

SecEng Adversarial Range

AI Red-Team Scenario Harness

Explore

WHAT CAN AGENTS ACTUALLY DO?

SecEng Authority Graph

Agent Authority & Approval-Path Analysis

Explore

WAS RETRIEVAL AUTHORIZED?

SecEng RAG Test Harness

Retrieval & Context Security Test Harness

Explore
See full Workbench