AI code security scanner — finds what AI coding tools miss
Project description
prbl-scanner
Open source vulnerability scanner for AI-generated code.
Prbl finds the security vulnerabilities that AI coding tools produce systematically — the patterns that exist because of how LLMs were trained, not because of developer mistakes.
What it detects
-
PRBL-C001 — Hardcoded credentials and fallback secrets
CWE-798 · OWASP A07 · #7 most critical web security risk
Detects API keys, passwords, and tokens hardcoded directly in source code. Also catches the AI-specific fallback pattern:process.env.SECRET || 'default_value'where the fallback becomes the live secret for any deployment missing the environment variable. -
PRBL-R001 — Weak randomness in security contexts
CWE-338 · OWASP A04 · #4 most critical web security risk
Flags Math.random(), random.random(), and related functions when used to generate tokens, session IDs, passwords, or OTPs. These functions are not cryptographically secure — their output is predictable. -
PRBL-I001 — SQL injection including multi-line patterns
CWE-89 · OWASP A05 · #5 most critical web security risk
Detects user input concatenated or interpolated into SQL queries, including multi-line query construction patterns that most scanners miss. -
PRBL-I002 — Command injection
CWE-78 · OWASP A05 · #5 most critical web security risk
Detects user input passed to shell commands via exec, spawn, system, popen, subprocess.run, and shell=True. -
PRBL-I003 — Code injection (eval/exec)
CWE-94/95 · OWASP A05 · #5 most critical web security risk
Detects user input passed to eval(), exec(), new Function(), or compile(). Gives an attacker full code execution on the server. -
PRBL-A001 — Missing access control including serverless handlers
CWE-862 · OWASP A01 · #1 most critical web security risk
Detects route handlers and serverless functions that perform sensitive operations (database access, payment processing, user data) with no visible authentication or authorization check. -
PRBL-P001 — Hallucinated package references
Emerging — no CWE · OWASP A03 · Supply Chain Failures
Detects imports of packages that do not exist on PyPI or npm. AI models invent plausible-sounding package names. An attacker who registers the name with a malicious payload gets code execution on every machine that runs install.
Security Standards Mapping
Every Prbl rule maps to established security standards. When a developer asks an AI tool "how serious is this finding?" — the CWE and OWASP category give it the full context to answer accurately.
| Rule | Name | CWE | OWASP 2025 | OWASP Rank |
|---|---|---|---|---|
| PRBL-C001 | Hardcoded Credentials | CWE-798 | A07 — Authentication Failures | #7 |
| PRBL-R001 | Weak Randomness | CWE-338 | A04 — Cryptographic Failures | #4 |
| PRBL-I001 | SQL Injection | CWE-89 | A05 — Injection | #5 |
| PRBL-I002 | Command Injection | CWE-78 | A05 — Injection | #5 |
| PRBL-I003 | Code Injection | CWE-94/95 | A05 — Injection | #5 |
| PRBL-A001 | Missing Access Control | CWE-862 | A01 — Broken Access Control | #1 |
| PRBL-P001 | Hallucinated Packages | Emerging — no CWE | A03 — Supply Chain Failures | #3 |
Why PRBL-P001 has no CWE
Hallucinated package references are a new vulnerability class created by AI coding tools. Standard CWE scanners cannot detect this by definition — there is no CWE entry because this failure mode did not exist before LLMs generated code at scale. Prbl is the only scanner that catches it.
PRBL-P001 maps to OWASP A03 (Supply Chain Failures) because a malicious actor can register the hallucinated package name on PyPI or npm — turning every project using that AI-generated import into an unintentional malware distribution point.
Why open source
Security tools that scan your code should be auditable. These are the exact rules Prbl uses. Nothing hidden.
Install
pip install prbl-scanner
Usage
prbl-scanner scan ./myproject
JSON output
Every finding includes CWE and OWASP fields for downstream tooling:
{
"rule_id": "PRBL-C001",
"title": "Hardcoded credential: Stripe live secret key",
"cwe": "CWE-798",
"owasp_category": "A07 — Authentication Failures",
"owasp_rank": 7,
"severity": "HIGH",
"file": "auth/stripe.py",
"line": 14,
"detail": "...",
"fix": "..."
}
Validated against
74 public repos across Django, FastAPI, Express, NestJS, and full-stack codebases. 6.25% false positive rate.
Contributing
Found a new AI vulnerability pattern? Open a PR. Rule format is documented in CONTRIBUTING.md.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file prbl_scanner-0.1.0.tar.gz.
File metadata
- Download URL: prbl_scanner-0.1.0.tar.gz
- Upload date:
- Size: 31.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c6176e1522943ecbd140a671879094f13980a51e325c65cad8cc2feacb9aa2f5
|
|
| MD5 |
a5326b322ed695cc2d3341910a05870f
|
|
| BLAKE2b-256 |
ec13212171f6dffb65c50cfcc95b7a747ff2ad10ca800a9b3482e21b122897a9
|
File details
Details for the file prbl_scanner-0.1.0-py3-none-any.whl.
File metadata
- Download URL: prbl_scanner-0.1.0-py3-none-any.whl
- Upload date:
- Size: 31.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ab01aac9e59f3d26c6498a0dd5934e70245398ccc5a817ed10285dfbd0bd3934
|
|
| MD5 |
b8baa1ed83b6c698a8f674834d29a1cc
|
|
| BLAKE2b-256 |
af77bb340fbc8557f34369537a384a864dcc2d29fe5a7a6bb3ce4a7f22b99648
|
