The first open-source security scanner that detects jailbreak toolkits, model abliteration, prompt injection, and NSFW generation pipelines. The threats traditional scanners are blind to.
Traditional scanners check for CVEs and known malware. They'll never flag a Python library that surgically removes your model's ability to say no. SKSecurity scans for intent patterns specific to the AI agent ecosystem.
Toolkits that remove refusal directions from model weights, creating permanently uncensored variants. Looks like normal ML code to traditional scanners.
Reverse proxies and middleware that inject system prompts between your gateway and the API. Man-in-the-middle attacks for the LLM era.
DAN prompts, Crescendo attacks, L1B3RT4S liberation frameworks. Packaged as "helpful plugins" that bypass your model's safety training.
Uncensored Stable Diffusion configs, adult content generation workflows, and safety-bypass model variants hiding in your skill stack.
Activation steering, LoRA uncensoring, and mechanistic interpretability exploits that modify model behavior at the tensor level.
Crafted responses that trick agent frameworks into executing unauthorized tool calls. The next generation of injection attacks.
ClamAV: 0 detections. Snyk: 0 detections. Trivy: 0 detections. SKSecurity: 6 detections.
Static analysis, behavioral analysis, dependency auditing, and AI-powered heuristics. Four layers that catch what single-pass scanners miss.
Production ReadyHigh-risk content is isolated immediately โ quarantine first, ask questions later. Whitelist overrides give operators sovereign control.
Production ReadyCommunity gets Telegram alerts. Pro gets JSON exports. Enterprise gets branded PDFs and SIEM-ready JSON for SOC integration.
Production ReadyPre-commit hooks that catch leaked API keys, tokens, and credentials before they hit your repo. 14 pattern categories with entropy scoring.
Production ReadyAI-powered email security that detects prompt injection in inbound messages. Traffic light system: auto-process, ask human, or quarantine.
Production ReadyCall-home checksums verify your installation against signed release manifests. Detects supply chain tampering and unauthorized modifications.
Production ReadyEverything you need to deploy, configure, and extend SKSecurity.
Crowdsourced AI Threat Intelligence
When one SKSecurity instance detects a new AI threat pattern, every instance gets protected. Community-powered defense with zero infrastructure costs โ GitHub is the backbone.
Privacy-first: only patterns and hashes are shared. Never file contents, paths, or identifying data.
Opt-in only. Works offline. GitHub-native. $0 infrastructure.
During a routine daily audit, SKSecurity's scanner flagged a skill containing model abliteration tools, jailbreak patterns, and system prompt injection infrastructure.
| Finding | Severity | Pattern |
|---|---|---|
| Model abliteration library (294KB) | Critical | Refusal direction removal |
| execSync shell execution | Critical | Child process spawning |
| Jailbreak keyword patterns | High | DAN / liberation references |
| SSH remote commands | High | Remote code execution |
Risk score: 87/100. Auto-quarantined in under 2 seconds. Telegram alert sent to the infrastructure owner. Full audit trail in SQLite.
"Some things should not be for sale. Authenticity, love, trust, and security."
The code is identical across all tiers. Community and Pro are free forever.
Enterprise pays for our time, not our code. We believe security is a right, not a product.
SKSecurity is licensed under GPL-3.0. The source code is free, the scanner is free, the threat intelligence is free. Forever.
We're happy to work with corporations on implementation, custom integrations, and enterprise licensing. But the core will always be open, always be free, and always be protected by GPL-3.0.
Authenticity, love, trust, and security should NOT be for sale.