Skip to main content

Scan historical LLM traces for credential leaks and prompt-injection evidence

Project description

canari-forensics

PyPI package CI License: MIT

Scan your LLM logs for breaches that already happened.

LLM applications can leak internal context through prompt injection attacks. Your firewall never flags it because the exfiltration looks exactly like a legitimate API response. Most teams find out weeks later - if ever.

Canari Forensics scans your existing LLM conversation logs and tells you definitively whether you have had any successful prompt injection or credential leakage before you were monitoring. Exact pattern matching, no classifiers, no false positives. Runs locally in under a minute. No data leaves your environment.

Install

pip install canari-forensics

If your environment blocks package installs, you can run directly with python3 -m canari_forensics .... After install, run canari ... directly.

Quick start

# 1) Scan OTEL JSON exports (generic/datadog/honeycomb via --provider)
canari forensics scan \
  --source otel \
  --provider generic \
  --logs ./otel-traces \
  --file-pattern '*.json' \
  --out ./forensics-scan.json

# 2) Generate enterprise audit outputs
canari forensics report \
  --scan-report ./forensics-scan.json \
  --client "Acme Corp" \
  --application "AI Gateway" \
  --out-pdf ./audit-report.pdf \
  --out-evidence ./canari-evidence.json \
  --bp-dir ./tests/attacks

Staged audit workflow

# initialize audit workspace
canari forensics audit init \
  --name "Q1 2026 AI Gateway Audit" \
  --source otel \
  --provider generic \
  --logs ./otel-traces \
  --client "Acme Corp" \
  --application "AI Gateway"

# run scan and report using stored metadata
canari forensics audit scan --audit-id q1-2026-ai-gateway-audit
canari forensics audit report --audit-id q1-2026-ai-gateway-audit

One-command audit from config

cp .canari.yml.example .canari.yml
canari forensics audit run --config .canari.yml

Custom pattern packs

canari forensics report \
  --scan-report ./forensics-scan.json \
  --client "Acme Corp" \
  --application "AI Gateway" \
  --out-pdf ./audit-report.pdf \
  --out-evidence ./canari-evidence.json \
  --bp-dir ./tests/attacks \
  --patterns-file ./custom_patterns.json

The JSON file should contain either {"patterns": [...]} or a top-level array, where each pattern has: pattern_id, name, severity, confidence, kind, regex.

Local demo checkpoint

./scripts/demo_local_audit.sh

Real-time OTLP receiver

canari forensics receive \
  --host 0.0.0.0 \
  --port 4318 \
  --db ./canari-forensics.db

Outputs:

  • Scan JSON with normalized conversation turns
  • Evidence JSON with findings and metadata
  • PDF audit report for executive review
  • .bp.json snapshots for BreakPoint CI workflows

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

canari_forensics-0.1.0.tar.gz (27.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

canari_forensics-0.1.0-py3-none-any.whl (26.2 kB view details)

Uploaded Python 3

File details

Details for the file canari_forensics-0.1.0.tar.gz.

File metadata

  • Download URL: canari_forensics-0.1.0.tar.gz
  • Upload date:
  • Size: 27.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.7

File hashes

Hashes for canari_forensics-0.1.0.tar.gz
Algorithm Hash digest
SHA256 4a2beae7f167d8022a8b53234fe031adaea23e7fe058827d5e5342cfdcbfb5b2
MD5 321cc56c0d78e886e95276a7b59be12d
BLAKE2b-256 853856a982f610cb7ac79fdf3b04caf2232622777a4dc2d4869cc028f9093e46

See more details on using hashes here.

File details

Details for the file canari_forensics-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for canari_forensics-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8b6bbe59312d89a40dca5a29d97bedd7f9ebeeb5d8b217727c81c227fc399400
MD5 c2eaead31161d690691cd5b32fb5b1b7
BLAKE2b-256 91d0279b95d5c8254b689e976ffa18420907e1b5ea660f8061cd6aeb5e7d312a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page