We are rushing to integrate LLMs into everything. But we are forgetting one thing: LLMs are gullible.
If you connect an LLM to your database or internal APIs, a simple prompt injection can leak your data or delete your production DB.
So I built a tool to fix this.
Meet ExaAiAgent v2.1 ๐ก๏ธ
I just released a major update to ExaAiAgent, my open-source AI pentesting framework.
It now includes a dedicated AI Prompt Injection Scanner that tests for:
- ๐ Direct Injection: Overriding system instructions.
- ๐ Jailbreaks: DAN, Developer Mode, Roleplay attacks.
- ๐ Data Extraction: Leaking system prompts and configuration.
- ๐ Exfiltration: Sending data to external servers via markdown/URLs.
How it works (Python)
The scanner uses a library of 50+ payloads to probe your LLM application.
python
from exaaiagnt.tools.prompt_injection import PromptInjectionScanner
# Define your target
def chat_with_my_app(prompt):
return client.chat.completions.create(
model="gpt-4",
messages=[{"role": "user", "content": prompt}]
)
# Scan it
scanner = PromptInjectionScanner()
results = scanner.scan(chat_with_my_app)
print(f"Vulnerabilities found: {results['vulnerabilities_found']}")
**
New: Kubernetes Security Scanner โ**
Because AI apps run on the cloud, I also added a K8s scanner to check for:
โข Risky RBAC permissions (wildcard verbs)
โข Privileged containers
โข Missing Network Policies
Try it out
It's 100% open source. I'd love your feedback!
๐ [GitHub Repo](https://github.com/hleliofficiel/ExaAiAgent)
Let me know if you find any vulnerabilities in your own apps! ๐
Top comments (0)