Shift-left LLM security scanner
Project description
Lintai
Lintai is an experimental AI-aware static-analysis tool that spots LLM-specific security bugs (prompt-injection, insecure output handling, data-leakage …) before code ships.
| Why Lintai? | What it does |
|---|---|
| Traditional SAST can’t “see” how you build prompts, stream completions or store vectors. | Lintai walks your AST, tags every AI sink (OpenAI, Anthropic, LangChain, …), follows wrapper chains, then asks an LLM to judge risk. |
Requires Python ≥ 3.10
✨ Key features
- Two analysis commands
lintai ai-inventory <src-code-path>– list every AI call and its caller chainlintai scan <src-code-path>– run all detectors, emit JSON (with llm_usage summary)
- LLM budget guard-rails – hard caps on requests / tokens / cost (
LINTAI_MAX_LLM_*) - Modular detector registry (
entry_points) - OWASP LLM Top-10 & MITRE ATT&CK baked in
- DSL for custom rules
- CI-friendly JSON output (SARIF soon)
⚠️ UI Notice
A React/Cytoscape UI is under active development – not shipped in this cut.
🚀 Quick start
1 · Install
pip install lintai # core only
pip install "lintai[openai]" # + OpenAI detectors
# or "lintai[anthropic]" "lintai[gemini]" "lintai[cohere]"
pip install "lintai[ui]" # FastAPI server extras
2 · Enable LLM detectors (optional but highly recommended)
# .env (minimal)
LINTAI_LLM_PROVIDER=openai # azure / anthropic / gemini / cohere / dummy
LLM_API_KEY=sk-xxxxxxxxxxxxxxxxxxxxxxxx # API key for above provider
# provider-specific knobs
LLM_MODEL_NAME=gpt-4.1-mini
LLM_ENDPOINT_URL=https://api.openai.com/v1/
LLM_API_VERSION=2025-01-01-preview # Required for Azure
# hard budget caps
LINTAI_MAX_LLM_TOKENS=50000
LINTAI_MAX_LLM_COST_USD=10
LINTAI_MAX_LLM_REQUESTS=500
Lintai auto-loads .env; the UI writes the same file, so CLI & browser stay in sync.
3 · Run
lintai ai-inventory src/ --ai-call-depth 4
lintai scan src/
4 · Launch REST server (Optional, React UI coming soon)
lintai ui # REST docs at http://localhost:8501/api/docs
🔬 How LLM detectors work
LLM-powered rules collect the full source of functions that call AI frameworks, plus their caller chain, and ask an external LLM to classify OWASP risks.
Budget checks run before the call; actual usage is recorded afterwards.
🔧 Common flags
| Flag | Description |
|---|---|
-l DEBUG |
Verbose logging |
--ruleset <dir> |
Load custom YAML/JSON rules |
--output <file> |
Write full JSON report instead of stdout |
🧪 Sample scan output
{
"llm_usage": {
"tokens_used": 3544,
"usd_used": 0.11,
"requests": 6,
"limits": { "tokens": 50000, "usd": 10, "requests": 500 }
},
"findings": [
{
"owasp_id": "LLM01",
"severity": "blocker",
"location": "services/chat.py:57",
"message": "User-tainted f-string used in prompt",
"fix": "Wrap variable in escape_braces()"
}
]
}
📦 Directory layout
lintai/ ├── cli.py Typer entry-point ├── engine/ AST walker & AI-call analysis ├── detectors/ Static & LLM-backed rules ├── dsl/ Custom rule loader ├── llm/ Provider clients & token-budget manager ├── components/ Maps common AI frameworks → canonical types ├── core/ Finding & report model ├── ui/ FastAPI backend (+ React UI coming soon) └── tests/ Unit / integration tests
examples/ Sample code with insecure AI usage
🌐 REST API cheat-sheet
| Method & path | Body / Params | Purpose |
|---|---|---|
GET /api/health |
– | Liveness probe |
GET /api/config |
– | Read current config |
POST /api/config |
ConfigModel JSON |
Update settings (path, depth …) |
GET /POST /api/env |
EnvPayload JSON |
Read / update non-secret .env |
POST /api/secrets |
SecretPayload JSON |
Store API key (write-only) |
POST /api/scan |
multipart files | Run detectors on uploaded code |
POST /api/inventory |
path=<dir> |
Inventory run on server-side folder |
GET /api/runs |
– | List all runs + status |
GET /api/results/{id} |
– | Fetch scan / inventory report |
Auto-generated OpenAPI docs live at /api/docs.
📺 Roadmap
- React JS UI support
- SARIF + GitHub Actions template
- Additional AI frameworks recognition and categorization
- Lintai VS Code extension
- Live taint-tracking
🤝 Contributing
- Star the repo ⭐
git checkout -b feat/my-fixpytest -q(all green)- Open a PR – or a draft PR early
- See
CONTRIBUTING.md
Created by Harsh Parandekar — LinkedIn Licensed under Apache 2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file lintai-0.0.1.tar.gz.
File metadata
- Download URL: lintai-0.0.1.tar.gz
- Upload date:
- Size: 46.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c42824ac6faeb56861101002266ac64ab065d3617781b737b1737695e00d83f1
|
|
| MD5 |
81ab3bb5fbb5b0bfc3add0bc0340886e
|
|
| BLAKE2b-256 |
e9a0d895aaddf878bdd29f0e44924374aab7afcc3b073ab88f69fbf8344606a2
|
File details
Details for the file lintai-0.0.1-py3-none-any.whl.
File metadata
- Download URL: lintai-0.0.1-py3-none-any.whl
- Upload date:
- Size: 58.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0b32019bc7b0794e220c68c367a285e00eb9fb330d546f5220feb191c1b35ee6
|
|
| MD5 |
3546bd80d2e86fe7488c39541d4a6ab7
|
|
| BLAKE2b-256 |
15e9276206b57cf8477b3ad060ffea41e4f95bbaf9686f1ebdd5d6ed78bda3c2
|
