I built a real-time AI security monitor for local files — here's how the eepban engine works

Kidoai — Tue, 21 Apr 2026 01:56:19 +0000

What I built

Kido.ai is a lightweight Windows desktop app that monitors your local files
in real-time and flags security threats using AI — designed for developers
who ship fast and don't have time for manual security reviews.

The problem

Vibe coders and solo developers often skip security tooling. Traditional
antivirus is reactive. I wanted something that:

Watches files as you work
Understands what a threat means, not just that it matched a signature
Gets smarter over time from real-world threat data

eepban 1.0 — the intelligence engine

The core of Kido.ai is eepban 1.0, an open source threat intelligence engine.

It continuously pulls from 6 live sources:

CISA KEV — Known Exploited Vulnerabilities catalog
NVD — National Vulnerability Database
OSV.dev — Open Source Vulnerability database
GitHub Advisory — GitHub's security advisory feed
URLhaus — Malicious URL database
MalwareBazaar — Malware sample database

It auto-classifies threats, scores confidence, and generates detection rules automatically.

AI analysis pipeline

When a threat is detected, it escalates through a multi-AI pipeline based on severity:

Higher plan tiers unlock deeper AI analysis. The free tier runs local rules only.

DNS & Prompt injection detection

Beyond file monitoring, Kido.ai also detects:

DNS & C2 traffic — catches callbacks to known malicious domains
Prompt injection attempts — for developers building AI-integrated apps

Current state

This is a beta build without OV code signing — Windows SmartScreen will
show a warning. Click "More info" → "Run anyway" to install.

The engine source is fully open on GitHub so you can verify exactly what it does.

DEV Community: Kidoai