Show HN: Compliant LLM toolkit for ensuring compliance & security of AI systems

Compliant LLM is an open-source security toolkit designed to identify and prevent vulnerabilities in hosted LLM systems. The tool automates security testing to uncover compliance and safety issues, demonstrating real exploits like SQL injection, code injection, and prompt obfuscation attacks against models like Claude and OpenAI. It provides a dashboard interface for analyzing and mitigating security holes in AI systems.

Key Points

• •Automated vulnerability scanning for hosted LLM models to identify security gaps and compliance issues
• •Demonstrates real attack vectors: SQL injection, code injection, template injection, and prompt obfuscation techniques
• •Can expose data theft risks through downstream tool calls and unauthorized data exfiltration
• •Identifies malware/spyware installation risks via obfuscated prompts targeting third-party servers
• •Provides interactive dashboard for security testing and vulnerability analysis
• •Works with major LLM providers (Claude, OpenAI) to test model robustness
• •Open-source approach enables community-driven security improvements and transparency
• •Enables proactive security posture assessment before production deployment

Workflow Diagram

Concepts

Artifacts (1)

pip install compliant-llm && compliant-llm dashboard