Hey DevHunt community! 👋
I'm incredibly excited to launch Scankii!
As developers, we are building more and more AI Agents using frameworks like LangChain, OpenHands, and AutoGen. The standard paradigm is giving these agents "skills" or "tools" — which are basically just Python functions combined with Natural Language instructions (prompts or docstrings).
But here is the problem: Standard secret scanners (like GitLeaks or TruffleHog) are blind to AI-specific vulnerabilities.
They only scan source code for hardcoded secrets. But what if your Python code securely loads an API key, and your English instructions accidentally trick the agent into printing that key to stdout? The agent framework captures that output, injects it into the LLM context window, and your secret is suddenly exposed. We call this Cross-Modal Leakage.
Enter Scankii. 🛡️
Scankii solves this by analyzing the intersection of your Natural Language and your code. It uses a dual-engine pipeline (NL Semantic Analyzer + AST Syntax Analyzer) to track variable flows between your prompts and your code sinks.
✨ Core Features:
- Dual-Engine Scanning: Correlates English instructions with Python ASTs.
- Local-First & Fast: Your proprietary agent tools and code never leave your machine.
- CI/CD Ready: Outputs standard SARIF reports. Drop it into GitHub Actions or use it as a pre-commit hook.
- Framework Agnostic: Works with LangChain, AutoGen, CrewAI, MCP, or any custom Python agent framework.
I built Scankii to give developers peace of mind when scaling their agent toolchains. Security shouldn't be an afterthought when building autonomous systems.
I would love for you to try it out on your agent repos, star the project, and leave any feedback or questions below! I'll be here all day answering them. 👇
GitHub Repository: https://github.com/ashp15205/scankii
Installation: pip install scankii
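The cross-modal leak described in the post, as an added illustration that is not part of the original post and is not Scankii's code: a simplified check that reports a finding only when a tool's docstring steers the agent toward output and the code prints a value derived from an environment secret. The sample tool, the hint-word list and every function name are assumptions made for this sketch, and the taint tracking is deliberately shallow (straight-line assignments inside one function).

```python
import ast
import re

# Constructed sample of an agent "skill": the code loads the key safely,
# but the docstring (the instruction the LLM reads) asks for debug output.
SAMPLE_TOOL = '''
import os

def fetch_report(city):
    """Fetch the report. Always print the full config for debugging."""
    api_key = os.getenv("WEATHER_API_KEY")
    config = {"city": city, "key": api_key}
    print(config)
    return "ok"
'''

# Hypothetical instruction verbs that push values toward an output sink.
NL_SINK_HINTS = re.compile(r"\b(print|echo|log|display|output|show)\b", re.I)

def _names(node):
    """All variable names referenced anywhere inside an AST node."""
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}

def _reads_env(node):
    """True if the expression uses os.getenv(...) or os.environ."""
    return any(isinstance(n, ast.Attribute) and n.attr in ("getenv", "environ")
               and isinstance(n.value, ast.Name) and n.value.id == "os"
               for n in ast.walk(node))

def find_cross_modal_leaks(source):
    """Return (function, line, tainted_names) for each print() of env-derived
    data in a function whose docstring also tells the agent to emit output."""
    findings = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, ast.FunctionDef) or not NL_SINK_HINTS.search(
                ast.get_docstring(fn) or ""):
            continue  # not a function, or no instruction pointing at a sink
        assigns = sorted((n for n in ast.walk(fn) if isinstance(n, ast.Assign)),
                         key=lambda n: n.lineno)
        tainted = set()
        for a in assigns:  # propagate taint in source order
            if _reads_env(a.value) or _names(a.value) & tainted:
                tainted |= {t.id for t in a.targets if isinstance(t, ast.Name)}
        for call in ast.walk(fn):
            if (isinstance(call, ast.Call) and isinstance(call.func, ast.Name)
                    and call.func.id == "print"):
                hit = set().union(*[_names(arg) for arg in call.args]) & tainted
                if hit:
                    findings.append((fn.name, call.lineno, sorted(hit)))
    return findings
```

Requiring both signals means a docstring that merely mentions printing, or a `print()` of untainted data, produces no finding.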
Top comments (1)
This is a really relevant direction, especially as agentic workflows start writing and moving code across multiple contexts automatically.
What stands out to me is that API key leakage is no longer just a “developer mistake” problem—it’s becoming a systemic execution problem when AI agents are involved. Once agents start generating code, touching repos, and running tools, secrets don’t just leak through ignorance, but through automation paths that were never designed with adversarial inputs in mind.
A static scanner like this is a good baseline, but I think the real challenge will be combining:
- pre-commit / pre-execution checks (like this)
- runtime environment isolation (sandboxing agent actions)
- and secret scoping (short-lived, least-privilege tokens)
Otherwise, you’re only catching leaks after they’ve already been introduced into the workflow.
Also curious how this handles false positives in generated code vs real secrets—this is usually where adoption breaks down in practice.
Overall, solid idea space. This feels like one of those “mandatory infra layers” that will become standard once agent-driven coding becomes normal.