Security●●Solid
PromptSonar – Static analysis for LLM prompt security
Static scanner catches prompt injections in code before runtime, unlike runtime guards.
Solve My ProblemShip It
meghal86
103mo ago
Back to browse
GitHub Repository
🛡️ Promptinel is a deterministic security scanner for machine-interpreted natural language that treats prompts as executable artifacts.
10 starsGo
Promptinel – A Security Scanner for Prompts
by cunningfatalist·Mar 8, 2026·1 point·0 comments
AI Analysis
●●●BangerBig BrainZero to OneSolve My Problem
Deterministic prompt linter flags injection, exfiltration, obfuscation before LLM runs—treats prompts as executable code.
Strengths
- •Novel framing: prompts ARE executable code, so treat them as such with static analysis + linting—this is genuinely not obvious.
- •Deterministic scanner (no network, no ML model calls) means output is reproducible and automatable in CI pipelines.
- •Concrete attack patterns: prompt override, role spoofing, download-and-execute chains, Unicode obfuscation, secret exfiltration intent.
Weaknesses
- •Early-stage: 8 stars, 2 open issues; unclear how effective rules are at catching real-world attacks vs. false positives.
- •Limited ecosystem: only scans text files; no IDE integration, no GitHub Actions pre-built yet, minimal adoption signal.
Category
Target Audience
DevOps engineers, prompt library maintainers, teams shipping LLM agents or multi-user prompt repositories.
Similar To
Bandit (Python linter) · Semgrep · Gitleaks
Post Description
Hello HN :)
Promptinel is a security scanner for prompts. I think the world needs something like this, because prompts are basically executable artifacts and we need to treat them as such. I want to identify as many bad things as I can before a prompt gets anywhere near runtime. Especially when supplying a common prompt repository for friends or colleagues, or when downloading skills from the internet. You can read more about my motivation in the project's readme: https://github.com/CunningFatalist/promptinel?tab=readme-ov-...
Promptinel finds various attack patterns in prompts, for example:
- prompt override and role spoofing patterns - download-and-execute chains - template execution and network fetch behavior - secret exfiltration intent - invisible Unicode and obfuscation tricks - local sensitive file references
I'm really looking forward to feedback from people, who have built linters or security scanners before. Or just feedback from Go people, really. I'm mainly a PHP and TypeScript dev and use Go in my free time, because I find it fun and love the philosophy behind it.
Similar Projects
Security○Pass
Security-Risk Patterns in OpenClaw Skills
It actually looks for the weird stuff that trips up LLM agents — invisible Unicode, bidi overrides, embedded curl|bash one-liners, exfil links — and pairs a static skill scanner with a real-time interception flow that forces human approvals. The CLI-first approach (npx safeclaw start) plus Socket.IO alerts and per-command allow/deny decisions show practical thinking about developer workflows; I want to see model/false-positive metrics and enterprise integration docs next.
Niche GemWizardry
dinodrv
203mo ago
Security●●●Banger
Aguara – Security scanner for AI agent skills and MCP servers
Semgrep for AI agents—138 rules, offline, catches obfuscated attacks other scanners miss.
Solve My ProblemBig Brain
garagon
123mo ago
Security●●Solid
LLM AuthZ Audit – find auth gaps and prompt injection in LLM apps
Purpose-built LLM security linter covers OWASP Top 10, but static analysis has inherent blind spots.
Big BrainSolve My Problem
iamspathan
103mo ago
Developer Tools●●Solid
CLI to score AI prompts after a prod failure
Prompt CVE tracking is clever, but LangSmith and Arize already cover this ground.
Solve My ProblemShip It
techcam
112mo ago
Security●●●Banger
A security scanner for AI Agent Skills
Docker sandbox execution catches runtime threats static analysis alone misses.
Big BrainBold Bet
mayziem
502mo ago