Most teams shipping LLM features have no automated check for prompt-injection attacks in CI. nukon-pi-detect fixes that.
48 curated patterns across 5 attack categories: classic injection, jailbreaks, delimiter escapes, Unicode smuggling, and indirect injection. Deterministic regex + Unicode codepoint checks. No ML, no network, no API keys. Zero runtime dependencies. Sub-millisecond scans.
Exit code 2 on MALICIOUS - fails CI builds by default. HTML report output, JSON for pipelines. Apache 2.0.
