SecVibe

detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base. However, unlike other similar packages that solely focus on finding secrets, this package is designed with the enterprise client in mind: providing a backwards compatible, systematic means of: Preventing new secrets from entering the code base, Detecting if such preventions are explicitly bypassed, and Providing a checklist of secrets to roll, and migrate off to a more secure storage.

The first platform scanning all GitHub public activity in real time for API secret tokens, database credentials or vault keys. Be alerted in seconds. Integrate in minutes.

Precogs AI is an AI-native code security platform designed to detect real, exploitable vulnerabilities with high precision and minimal false positives. In addition to code security, it extends to binary analysis and data protection, helping teams secure applications across the entire development lifecycle. By leveraging deep semantic analysis and neural-symbolic reasoning, Precogs AI enables developers to reduce noise, prioritize real risks, and fix vulnerabilities faster within CI/CD pipelines.

The only self-service scanner with active adversarial probing for AI endpoints. 12 Parallel Security Checks get your results in less than a minute. No agents. No SDK. No credentials required. Paste a URL, get a security score with actionable findings.

It is a comprehensive tool designed to fortify the security of Large Language Models (LLMs). By offering sanitization, detection of harmful language, prevention of data leakage, and resistance against prompt injection attacks, it ensures that your interactions with LLMs remain safe and secure.

Waxell is the AI governance plane for agentic systems in production. It sits above agents, models, and integrations, enforcing constraints and defining what's allowed. Auto-instrumentation for 200+ libraries without code changes. Real-time tracing, token and cost tracking, and 11 categories of agentic governance policy enforcement.

AgentGuard is an SDK for AI agent developers that enforces budget limits, auth isolation, and MCP policy rules. Stop agents from overspending, leaking data, or exceeding their permissions. Works with any LLM stack.

Use any AI, safely. Sensitive data never leaves your device. Imagine using AI freely—without exposing who you are. Anonymize360 intercepts your sensitive data before it reaches an AI provider. The moment you send a message, it scans for names, addresses, SSNs, and medical records—replacing them with secure tokens and encrypting the originals locally with AES-256. Only the anonymized version travels to the cloud. When the response returns, your real information is seamlessly restored. Zero-knowledge architecture: even we can't access your data. No backdoors. Nothing stored outside your device. Works silently across Windows and macOS. For professionals, healthcare providers, or anyone who values privacy—powerful AI, zero compromise. Instant. Invisible. Secure.

Track your AI usage and secure sensitive data across Claude, ChatGPT, Gemini, and more. AIMetrical offers unified analytics and real-time security on a single dashboard.

TokenFence is an open-source SDK that lets developers set hard per-workflow token and cost limits for AI agents. Drop in 2 lines of code to prevent runaway API spend. Supports OpenAI, Anthropic, and more. Free and open source.

Protect MCP clients and services with a security gateway for safer launch, strict inspection, redaction, and operator visibility.

Discover, assess, and enforce security policy across every AI coding agent, MCP server, and tool in your org.

LangProtect is an AI security firewall that protects LLM and GenAI applications at runtime. It blocks prompt injection, jailbreaks, and sensitive data leakage while enforcing customizable security policies. Built for enterprise and regulated teams, it delivers real-time protection, visibility, and audit-ready governance.

AI security gateway for Apache APISIX. 100% air-gapped, Open Source core. CPU-capable, GPU-optional. Protect LLMs from prompt injection, PII leaks, and data exfiltration. GDPR, EU AI Act, SOC2, HIPAA compliant. Your data never leaves your VPC.

Clawsec is an open-source security plugin that blocks dangerous actions in under 5ms. One command: openclaw plugins install clawsec

Privacy-first AI assistant that protects sensitive information while preserving context.

One AI-powered platform that detects, prioritizes, and remediate vulnerabilities and malware end-to-end without the traditional AppSec overhead.

Use AI safely with UnblockDevs — a powerful toolkit to mask sensitive JSON and SQL data before sending it to AI, fix broken or stringified JSON, unpack messy logs, and decode JWT tokens instantly. Perfect for developers working with APIs, debugging logs, and handling sensitive data. Everything runs 100% in your browser with zero uploads, so your code and data stay private while you clean, parse, format, and analyze it.

The only security scanner built for vibe coders. Scan your Lovable.dev, Bolt.new - Supabase and Cursor apps for vulnerabilities in one click. Ship fast. Ship secure.

PixelHush automatically hides tokens, API keys and passwords in your code editor the moment screen recording or sharing starts. No more leaked secrets in tutorials, demos, or live calls.

It is a self-hardening prompt injection detector. It is designed to protect AI applications from prompt injection (PI) attacks through a multi-stage defense.

Secrets, authentication tokens, passwords, and keys pose a security risk if they are left unprotected in production workloads. SecretScanner inspects file systems and running containers, identifying over 140 different types of secret data.

It is an open-source Python package for specifying structure and type, validating and correcting the outputs of large language models (LLMs).

It is an open-source toolkit for monitoring Large Language Models (LLMs). It extracts signals from prompts & responses, ensuring safety & security.

It is a robust static analysis framework for validating that LLM-generated structured output is safe. It currently supports SQL.