1 comment

[ 0.26 ms ] story [ 17.2 ms ] thread
Hi HN! I built a GitHub Action that automatically scans AI/LLM endpoints for security vulnerabilities on every push/PR.

Why? Most teams ship AI features without security testing. This action catches prompt injection, jailbreaks, and data leakage before they hit production.

How it works: - Add 5 lines of YAML to your workflow - Scans run automatically on push/PR - PRs get blocked if critical vulns are found - Full report with remediation steps

Free tier: 5 scans/month. 650+ attack vectors.

Built this because I do AI red teaming professionally (OSCP+, C-AI/MLPen). Happy to answer questions!