We are rushing to integrate LLMs into everything. But we are forgetting one thing: LLMs are gullible.
If you connect an LLM to your database or internal APIs, a simple prompt injection can leak your data or delete your production DB.
So I built a tool to fix this.
Meet ExaAiAgent v2.1 π‘οΈ
I just released a major update to ExaAiAgent, my open-source AI pentesting framework.
It now includes a dedicated AI Prompt Injection Scanner that tests for:
- π Direct Injection: Overriding system instructions.
- π Jailbreaks: DAN, Developer Mode, Roleplay attacks.
- π Data Extraction: Leaking system prompts and configuration.
- π Exfiltration: Sending data to external servers via markdown/URLs.
How it works (Python)
The scanner uses a library of 50+ payloads to probe your LLM application.
python
from exaaiagnt.tools.prompt_injection import PromptInjectionScanner
# Define your target
def chat_with_my_app(prompt):
return client.chat.completions.create(
model="gpt-4",
messages=[{"role": "user", "content": prompt}]
)
# Scan it
scanner = PromptInjectionScanner()
results = scanner.scan(chat_with_my_app)
print(f"Vulnerabilities found: {results['vulnerabilities_found']}")
**
New: Kubernetes Security Scanner β**
Because AI apps run on the cloud, I also added a K8s scanner to check for:
β’ Risky RBAC permissions (wildcard verbs)
β’ Privileged containers
β’ Missing Network Policies
Try it out
It's 100% open source. I'd love your feedback!
π [GitHub Repo](https://github.com/hleliofficiel/ExaAiAgent)
Let me know if you find any vulnerabilities in your own apps! π
Top comments (0)