Find and fix security vulnerabilities in AI systems before attackers do.
A comprehensive security scanner built for the HoyaHacks 2026 hackathon: it detects vulnerabilities in AI-related code, explains the risks in plain language, and suggests safe fixes. All findings are stored in Snowflake for tracking and analysis.
AI Code Breaker scans your codebase for three critical classes of AI security vulnerability (examples below):

- 💉 Prompt Injection - Detects unsafe concatenation of user input into AI prompts
- 🔑 Hardcoded Secrets - Finds API keys, tokens, and passwords in source code
- ⚠️ Over-Privileged AI Tools - Identifies AI agents with dangerous permissions
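To make these concrete, here are minimal hypothetical snippets of the kind of code each detector flags (illustrative sketches, not the actual files under examples/vulnerable_code/):

```python
user_input = input("Ask a question: ")

# 1. Prompt injection: user input is concatenated straight into the prompt,
#    so a crafted "question" can override the system instructions
prompt = "You are a helpful assistant. Answer this: " + user_input

# 2. Hardcoded secret: an API key committed to source control
OPENAI_API_KEY = "sk-proj-0000000000"  # placeholder value, not a real key

# 3. Over-privileged AI tool: an agent tool definition granting
#    unrestricted shell access
tools = [{"name": "run_shell", "description": "Run any shell command"}]
```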
Key features:

- 🔍 Smart Detection: Pattern-based and AST analysis for accurate vulnerability detection (see the sketch after this list)
- 🤖 LLM Analysis: Uses Snowflake Cortex by default (optionally GPT-4 or Claude) to generate plain-language explanations and fix suggestions
- ❄️ Snowflake Integration: Store scan results for tracking and trend analysis
- 📊 Beautiful Reports: Generate JSON, HTML, and Markdown reports
- 🖥️ Streamlit UI: User-friendly web interface for easy scanning
- ⚡ Fast & Efficient: Optimized for hackathon speed (MVP-ready in 35 hours)
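As a sketch of how AST-based detection can work (a simplified illustration, not the project's actual detector; the variable-name heuristic is an assumption), the snippet below flags f-strings that interpolate values into prompt-like assignments:

```python
import ast

SUSPECT_NAMES = {"prompt", "system_prompt", "user_prompt"}  # assumed heuristic

class PromptInjectionVisitor(ast.NodeVisitor):
    """Flags assignments like `prompt = f"... {user_input}"`."""

    def __init__(self):
        self.findings = []

    def visit_Assign(self, node):
        targets = [t.id for t in node.targets if isinstance(t, ast.Name)]
        # An f-string assigned to a prompt-like name, with interpolated values
        if any(t in SUSPECT_NAMES for t in targets) and isinstance(node.value, ast.JoinedStr):
            if any(isinstance(v, ast.FormattedValue) for v in node.value.values):
                self.findings.append((node.lineno, "f-string interpolation into prompt"))
        self.generic_visit(node)

source = 'prompt = f"Answer this question: {user_input}"\n'
visitor = PromptInjectionVisitor()
visitor.visit(ast.parse(source))
print(visitor.findings)  # [(1, 'f-string interpolation into prompt')]
```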
Prerequisites:

- Python 3.8 or higher
- A Snowflake account (for data storage and LLM analysis via Cortex)
```bash
# Clone the repository
git clone https://github.com/cscx1/LLMCheck.git
cd LLMCheck

# Install dependencies
pip install -r requirements.txt

# Set up environment variables
cp .env.example .env
# Edit .env with your API keys and Snowflake credentials
```

Edit the `.env` file with your Snowflake credentials:
```bash
# Snowflake Configuration (Required)
SNOWFLAKE_ACCOUNT=your_account.region
SNOWFLAKE_USER=your_username
SNOWFLAKE_PASSWORD=your_password
SNOWFLAKE_DATABASE=LLMCHECK_DB
SNOWFLAKE_WAREHOUSE=COMPUTE_WH
SNOWFLAKE_ROLE=ACCOUNTADMIN

# Optional: Use external LLM providers instead of Snowflake Cortex
# OPENAI_API_KEY=sk-your-openai-key
# ANTHROPIC_API_KEY=sk-ant-your-anthropic-key
```

A Snowflake account is required for full functionality; see SNOWFLAKE_SETUP.md for complete setup instructions.
Quick version:

```bash
# 1. Run the schema creation script in Snowflake
#    File: config/snowflake_schema.sql

# 2. Add Snowflake credentials to .env

# 3. Test the connection
python -c "from src.snowflake_integration import SnowflakeClient; SnowflakeClient()"
```

Quick start:

```bash
# Launch the Streamlit interface
streamlit run ui/streamlit_app.py

# Or use the CLI
python cli.py ui
```

Then open http://localhost:8501 in your browser and upload code files to scan.
```bash
# Scan a single file (uses Snowflake by default)
python cli.py scan examples/vulnerable_code/example1_prompt_injection.py --snowflake

# Scan with Snowflake Cortex LLM analysis
python cli.py scan myfile.py --snowflake --llm-provider snowflake_cortex

# Scan a directory
python cli.py scan-dir ./myproject --recursive --snowflake

# Fast scan (no LLM analysis, no Snowflake)
python cli.py scan myfile.py --no-llm

# Use an alternative LLM provider (requires a separate API key)
python cli.py scan myfile.py --snowflake --llm-provider openai

# Generate specific report formats
python cli.py scan myfile.py --snowflake --format html markdown
```

You can also drive the scanner directly from Python:
```python
from src.scanner import AICodeScanner

# Initialize scanner with Snowflake
scanner = AICodeScanner(
    use_snowflake=True,
    use_llm_analysis=True,
    llm_provider="snowflake_cortex",  # Uses Snowflake Cortex LLM
)

# Scan a file
results = scanner.scan_file("path/to/code.py")

# Print results
print(f"Found {results['total_findings']} vulnerabilities")
for finding in results['findings']:
    print(f"- {finding['vulnerability_type']}: {finding['description']}")

# Close scanner
scanner.close()
```

Project structure:

```
LLMCheck/
├── src/
│   ├── ingestion/               # Code file ingestion and parsing
│   ├── detectors/               # Vulnerability detection engines
│   │   ├── prompt_injection_detector.py
│   │   ├── hardcoded_secrets_detector.py
│   │   └── overprivileged_tools_detector.py
│   ├── llm_reasoning/           # LLM analysis for explanations
│   ├── snowflake_integration/   # Snowflake data persistence
│   ├── report_generation/       # Report creation (JSON/HTML/MD)
│   └── scanner.py               # Main orchestrator
├── ui/
│   └── streamlit_app.py         # Web interface
├── config/
│   ├── snowflake_schema.sql     # Database schema
│   └── config.yaml              # Configuration settings
├── examples/
│   └── vulnerable_code/         # Example vulnerable files for testing
├── tests/                       # Unit tests
├── cli.py                       # Command-line interface
├── requirements.txt             # Python dependencies
└── README.md                    # This file
```
We've included intentionally vulnerable code examples for testing:
```bash
# Test prompt injection detection
python cli.py scan examples/vulnerable_code/example1_prompt_injection.py

# Test hardcoded secrets detection
python cli.py scan examples/vulnerable_code/example2_hardcoded_secrets.py

# Test over-privileged tools detection
python cli.py scan examples/vulnerable_code/example3_overprivileged_tools.py
```

Expected Output:
- Multiple CRITICAL and HIGH severity findings
- Detailed explanations of each vulnerability
- Safe code fix suggestions
Sample console output:

```
======================================================================
🔍 AI CODE SECURITY SCAN RESULTS
======================================================================
File: example1_prompt_injection.py
Language: python
Scan ID: abc-123-def-456

SUMMARY:
  🔴 Critical: 3
  🟠 High: 1
  🟡 Medium: 0
  🔵 Low: 0
  ────────────────────
  Total: 4

BY TYPE:
  • Prompt Injection: 3
  • Hardcoded Secret: 1
======================================================================
```
Tech stack:

- Language: Python 3.8+
- Detectors: Custom pattern matching + AST analysis
- LLM Analysis: Snowflake Cortex (Mistral-Large)
- Storage: Snowflake Data Cloud
- UI: Streamlit
- Reports: JSON, HTML, Markdown
Note: OpenAI and Anthropic are supported as alternative LLM providers, but Snowflake Cortex is the default and recommended option.
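For reference, Cortex can also be queried directly through the Snowflake Python connector; a minimal sketch with placeholder credentials (the project's own wrapper lives in src/snowflake_integration):

```python
import snowflake.connector  # pip install snowflake-connector-python

# Connect using the same credentials as in .env (placeholders here)
conn = snowflake.connector.connect(
    account="your_account.region",
    user="your_username",
    password="your_password",
    warehouse="COMPUTE_WH",
)
cur = conn.cursor()
# SNOWFLAKE.CORTEX.COMPLETE runs the prompt against a Cortex-hosted model
cur.execute(
    "SELECT SNOWFLAKE.CORTEX.COMPLETE('mistral-large', %s)",
    ("Explain why concatenating user input into an LLM prompt is risky.",),
)
print(cur.fetchone()[0])
conn.close()
```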
This tool is designed for defensive security only.
Acceptable Use:

- ✅ Scanning your own code
- ✅ Code review and security audits
- ✅ Educational purposes
- ✅ CI/CD pipeline integration

Prohibited Use:

- ❌ Generating exploit code
- ❌ Attacking systems without authorization
- ❌ Scanning code you don't own without permission
This is a hackathon project, but contributions are welcome!
```bash
# Clone and create a branch
git checkout -b feature/your-feature-name

# Make changes and test
python cli.py scan examples/vulnerable_code/example1_prompt_injection.py

# Commit and push
git add .
git commit -m "Add your feature"
git push origin feature/your-feature-name
```

Resources:

- OWASP Top 10 for LLM Applications
- CWE: Common Weakness Enumeration
- Snowflake Security Best Practices
Troubleshooting:

If you see import errors, make sure you're in the project root directory:

```bash
cd LLMCheck
# Run as a module
python -m src.scanner
```

If the Snowflake connection fails:

- Check your `.env` file has the correct credentials
- Verify your Snowflake account is active
- Try disabling Snowflake: `python cli.py scan myfile.py`

LLM analysis options:

- The default provider is Snowflake Cortex (requires a Snowflake connection)
- For quick testing without Snowflake: `python cli.py scan myfile.py --no-llm`
- To use OpenAI/Anthropic: add your API key to `.env` and use `--llm-provider openai`
MIT License - See LICENSE file for details
Built with ❤️ for HoyaHacks 2026
For a quick demo:

```bash
# 1. Launch the web UI
streamlit run ui/streamlit_app.py

# 2. Upload an example file from examples/vulnerable_code/
# 3. Enable LLM Analysis for best results
# 4. Click "Start Security Scan"
# 5. View detailed findings with explanations and fixes!
```

Planned enhancements:

- Additional vulnerability detectors
- CI/CD integration (GitHub Actions, GitLab CI)
- Support for more programming languages
- Real-time scanning in IDEs
- Automated fix generation
- Machine learning-based detection
Remember: Security is not a one-time check. Regular scanning and staying updated on security best practices are essential for maintaining secure AI systems! 🔒