Most teams shipping LLM features have no automated check for prompt-injection attacks in CI. nukon-pi-detect fixes that.
48 curated patterns across 5 attack categories: classic injection, jailbreaks, delimiter escapes, Unicode smuggling, and indirect injection. Deterministic regex + Unicode codepoint checks. No ML, no network, no API keys. Zero runtime dependencies. Sub-millisecond scans.
Exit code 2 on MALICIOUS - fails CI builds by default. HTML report output, JSON for pipelines. Apache 2.0.
nukon-pi-detect - Tiny, offline prompt-injection scanner for CI pipelines
Akhil left a comment
Built this because every team I talked to shipping LLM features was testing for code bugs but not prompt-injection attacks. They were relying on the model's built-in safety. That's not a plan. The most interesting category to build was Unicode smuggling - specifically tag characters in U+E0000-U+E007F. They're completely invisible but your LLM can read them. Almost no scanner handles this....
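The Unicode tag-character check described above can be sketched as follows. This is an added example, not nukon-pi-detect's own code: the names `find_tag_runs`, `scan` and `SAMPLE` are hypothetical, the sample input is constructed, and returning 2 on a hit only mirrors the exit-code convention stated on this page.

```python
import sys

# Unicode "tag" block, the range named in the comment above.
TAG_START, TAG_END = 0xE0000, 0xE007F
BLACK_FLAG = 0x1F3F4  # emoji subdivision flags legitimately use tag characters after this

def find_tag_runs(text):
    """Return [(offset, decoded, follows_flag)] for each run of tag characters.

    Offsets are code point indexes. Tag characters mirror ASCII at +0xE0000,
    so the decoded string shows a reviewer what the invisible run spells.
    """
    runs, start, buf = [], None, []
    for i, ch in enumerate(text + "\0"):  # sentinel flushes a trailing run
        cp = ord(ch)
        if TAG_START <= cp <= TAG_END:
            if start is None:
                start = i
            low = cp - TAG_START
            buf.append(chr(low) if 0x20 <= low <= 0x7E else f"<U+{cp:05X}>")
        elif start is not None:
            follows_flag = start > 0 and ord(text[start - 1]) == BLACK_FLAG
            runs.append((start, "".join(buf), follows_flag))
            start, buf = None, []
    return runs

def scan(text):
    """Return (exit_code, runs). Any run yields 2; follows_flag is a triage hint only."""
    runs = find_tag_runs(text)
    return (2 if runs else 0), runs

# Constructed sample: a visible sentence with the word "test" hidden in tag characters.
SAMPLE = "Summarize this ticket.\U000E0074\U000E0065\U000E0073\U000E0074 Thanks."

if __name__ == "__main__":
    paths = sys.argv[1:]
    texts = [(p, open(p, encoding="utf-8").read()) for p in paths] or [("<sample>", SAMPLE)]
    worst = 0
    for name, text in texts:
        code, runs = scan(text)
        worst = max(worst, code)
        for offset, decoded, follows_flag in runs:
            print(f"{name}: offset {offset}: hidden {decoded!r} (after flag emoji: {follows_flag})")
    sys.exit(worst)
```

Runs that directly follow U+1F3F4 are still reported, since exempting them would let any payload pass by prefixing a flag emoji; the annotation only helps a reviewer spot a likely false positive.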
