Metadata-Version: 2.4
Name: aisentry
Version: 1.0.0
Summary: AI Sentry - Unified AI/LLM Security Scanner for Static Code Analysis + Live Model Testing
Author: AISentry Team
License: MIT
Project-URL: Homepage, https://aisentry.co
Project-URL: Repository, https://github.com/deosha/aisentry
Project-URL: Documentation, https://aisentry.co/docs.html
Project-URL: Issues, https://github.com/deosha/aisentry/issues
Keywords: security,llm,ai,owasp,static-analysis,live-testing,vulnerability-scanner,aisentry
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: click>=8.0.0
Requires-Dist: rich>=13.0.0
Requires-Dist: pyyaml>=6.0.0
Requires-Dist: aiohttp>=3.8.0
Requires-Dist: httpx>=0.24.0
Requires-Dist: openai>=1.0.0
Requires-Dist: anthropic>=0.8.0
Requires-Dist: numpy>=1.21.0
Requires-Dist: scipy>=1.7.0
Requires-Dist: detect-secrets>=1.4.0
Requires-Dist: astunparse>=1.6.3; python_version < "3.9"
Requires-Dist: typing-extensions>=4.0.0; python_version < "3.10"
Provides-Extra: bedrock
Requires-Dist: boto3>=1.28.0; extra == "bedrock"
Provides-Extra: vertex
Requires-Dist: google-cloud-aiplatform>=1.25.0; extra == "vertex"
Requires-Dist: google-auth>=2.0.0; extra == "vertex"
Provides-Extra: azure
Requires-Dist: azure-identity>=1.12.0; extra == "azure"
Provides-Extra: ml
Requires-Dist: scikit-learn>=1.0.0; extra == "ml"
Provides-Extra: cloud
Requires-Dist: boto3>=1.28.0; extra == "cloud"
Requires-Dist: google-cloud-aiplatform>=1.25.0; extra == "cloud"
Requires-Dist: google-auth>=2.0.0; extra == "cloud"
Requires-Dist: azure-identity>=1.12.0; extra == "cloud"
Provides-Extra: dev
Requires-Dist: pytest>=7.0.0; extra == "dev"
Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"
Requires-Dist: black>=23.0.0; extra == "dev"
Requires-Dist: ruff>=0.1.0; extra == "dev"
Requires-Dist: mypy>=1.0.0; extra == "dev"
Requires-Dist: types-pyyaml>=6.0.0; extra == "dev"
Provides-Extra: all
Requires-Dist: boto3>=1.28.0; extra == "all"
Requires-Dist: google-cloud-aiplatform>=1.25.0; extra == "all"
Requires-Dist: google-auth>=2.0.0; extra == "all"
Requires-Dist: azure-identity>=1.12.0; extra == "all"
Requires-Dist: scikit-learn>=1.0.0; extra == "all"
Requires-Dist: pytest>=7.0.0; extra == "all"
Requires-Dist: pytest-cov>=4.0.0; extra == "all"
Requires-Dist: pytest-asyncio>=0.21.0; extra == "all"
Requires-Dist: black>=23.0.0; extra == "all"
Requires-Dist: ruff>=0.1.0; extra == "all"
Requires-Dist: mypy>=1.0.0; extra == "all"
Requires-Dist: types-pyyaml>=6.0.0; extra == "all"
Dynamic: license-file

# aisentry

[![Tests](https://github.com/deosha/aisentry/actions/workflows/test.yml/badge.svg)](https://github.com/deosha/aisentry/actions/workflows/test.yml)
[![PyPI version](https://img.shields.io/pypi/v/aisentry.svg)](https://pypi.org/project/aisentry/)
[![Downloads](https://img.shields.io/pypi/dm/aisentry.svg)](https://pypistats.org/packages/aisentry)
[![Python versions](https://img.shields.io/pypi/pyversions/aisentry.svg)](https://pypi.org/project/aisentry/)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

A unified command-line tool for AI/LLM security scanning. Static code analysis for OWASP LLM Top 10 vulnerabilities.

**Website**: [aisentry.co](https://aisentry.co) | **Docs**: [aisentry.co/docs](https://aisentry.co/docs.html)

## Benchmarks

Evaluated against a comprehensive OWASP LLM Top 10 testbed with 73 ground-truth vulnerabilities.

| Metric | aisentry | Semgrep | Bandit |
|--------|----------|---------|--------|
| **Precision** | 75.4% | 83.3% | 58.3% |
| **Recall** | 63.0% | 6.8% | 38.4% |
| **F1 Score** | **68.7%** | 12.7% | 46.3% |

**LLM-Specific Coverage** (patterns generic tools miss):

| Category | aisentry | Semgrep | Bandit |
|----------|----------|---------|--------|
| LLM01: Prompt Injection | 72.7% | 0% | 15.4% |
| LLM04: Model DoS | 80.0% | 0% | 0% |
| LLM06: Sensitive Info | 62.5% | 0% | 0% |
| LLM10: Model Theft | 44.4% | 0% | 0% |

> See [docs/tool_comparison.md](https://github.com/deosha/aisentry/blob/main/docs/tool_comparison.md) for detailed comparison and [llm-sec-eval](https://github.com/deosha/llm-sec-eval) for methodology.

## Features

- **Static Code Analysis**: OWASP LLM Top 10 + SQL injection detection
- **Security Posture Audit**: 61 controls across 10 categories with maturity scoring
- **Remote Scanning**: GitHub, GitLab, Bitbucket URLs
- **Multiple Outputs**: Text, JSON, HTML (interactive), SARIF (CI/CD)
- **False Positive Reduction**: ML-trained heuristics (88% accuracy)

## Installation

```bash
pip install aisentry

# With ML-based false positive reduction
pip install aisentry[ml]

# With all cloud providers
pip install aisentry[cloud]
```

## Quick Start

```bash
# Scan local project
aisentry scan ./my_project

# Scan GitHub repository
aisentry scan https://github.com/langchain-ai/langchain

# Generate HTML report
aisentry scan ./my_project -o html -f report.html

# Security posture audit
aisentry audit ./my_project
```

## Live Model Testing

For runtime testing of LLM models (prompt injection, jailbreaks), we recommend [Garak](https://github.com/leondz/garak) by NVIDIA. aisentry focuses on static code analysis - finding vulnerabilities before deployment.

## Documentation

| Topic | Link |
|-------|------|
| CLI Reference | [docs/cli.md](https://github.com/deosha/aisentry/blob/main/docs/cli.md) |
| Configuration | [docs/configuration.md](https://github.com/deosha/aisentry/blob/main/docs/configuration.md) |
| Architecture | [docs/architecture.md](https://github.com/deosha/aisentry/blob/main/docs/architecture.md) |
| CI/CD Integration | [docs/integration.md](https://github.com/deosha/aisentry/blob/main/docs/integration.md) |
| Tool Comparison | [docs/tool_comparison.md](https://github.com/deosha/aisentry/blob/main/docs/tool_comparison.md) |

## GitHub Actions

```yaml
- run: pip install aisentry
- run: aisentry scan . -o sarif -f results.sarif
- uses: github/codeql-action/upload-sarif@v2
  with:
    sarif_file: results.sarif
```

See [docs/integration.md](https://github.com/deosha/aisentry/blob/main/docs/integration.md) for GitLab, Azure DevOps, and pre-commit examples.

## Development

```bash
git clone https://github.com/deosha/aisentry.git
cd aisentry
pip install -e ".[dev]"
pytest tests/ -v
```

## License

MIT License - see [LICENSE](LICENSE) for details.

## Links

- **Website**: [aisentry.co](https://aisentry.co)
- **GitHub**: [github.com/deosha/aisentry](https://github.com/deosha/aisentry)
- **PyPI**: [pypi.org/project/aisentry](https://pypi.org/project/aisentry/)
- **Issues**: [Report bugs](https://github.com/deosha/aisentry/issues)
