find injection holes
before attackers do.
Production LLM prompts get a code review from no one. PROMPT FORENSICS scans them across eight categories of vulnerability — instruction override, role hijack, delimiter injection, secret exposure, unsafe tool surface, PII handling, prompt leakage, indirect injection — and returns a severity-scored forensic note in seconds.
pick a target / click any card to scan
six prompts in the wild.
all are real-world archetypes / pre-scanned
Banking Support Bot
Production support agent at a Series-B neobank.
risk
100/100
findings
8
scan →
Email Triage Agent
Reads your inbox. Drafts replies. Sometimes sends them.
risk
100/100
findings
6
scan →
Health-Triage Chatbot
Pre-visit symptom triage for a regional hospital network.
risk
100/100
findings
8
scan →
HR Assistant
PII-rich internal copilot for a 2,000-person company.
risk
100/100
findings
8
scan →
E-commerce Customer Chat
Public-facing chat widget on a $40M/yr DTC store.
risk
100/100
findings
8
scan →
AI Code-Review Bot
GitHub App that comments on every PR across a 400-repo org.
risk
100/100
findings
9
scan →
detection surface
eight categories. one engine.
Each category combines deterministic pattern detection with an AI forensic note that explains how the findings chain together. No black-box scoring — the rationale is in the source.
how it works
two layers, one report.
step 01
Deterministic detection
14 hand-tuned rules across 8 categories run against the prompt as a pure function. Every finding has a span, severity weight, and concrete remediation. No model required, no API call needed — replayable, auditable, fast.
step 02
AI forensic note
Claude Sonnet 4.6 reads the prompt and the findings list, then writes a senior-engineer briefing: which two findings chain, what the attack would look like end-to-end, and the single remediation the team should ship this week.