# PyGenAI Security Framework 🛡️
**The first comprehensive security framework designed specifically for Python and GenAI/LLM applications.** PyGenAI Security Framework combines traditional Python security scanning with cutting-edge GenAI vulnerability detection, providing enterprise-grade security analysis for modern AI-powered applications.
## 🌟 What Makes PyGenAI Security Framework Unique?
### **First-of-its-Kind GenAI Security Focus**
- **Prompt Injection Detection**: Advanced analysis of LLM prompt construction vulnerabilities
- **AI Data Leakage Prevention**: Identifies potential sensitive data exposure in AI workflows
- **Model Manipulation Protection**: Detects unsafe model parameter handling
- **AI Ethics Compliance**: Checks for bias, discrimination, and fairness issues
- **Training Data Security**: Identifies potential training data exposure risks
### **Enterprise-Ready Features**
- **Zero-Configuration VS Code Integration**: Real-time security scanning with Language Server Protocol
- **TestSprite MCP Connectivity**: Automated security test generation and AI-assisted remediation
- **Privacy-First Analytics**: GDPR-compliant usage tracking and insights
- **Comprehensive Compliance**: SOX, PCI-DSS, GDPR, HIPAA, OWASP Top 10 mapping
- **Multi-Format Reporting**: JSON, HTML, CSV, PDF with interactive dashboards
### **Production-Grade Architecture**
- **High Performance**: Parallel scanning with intelligent file filtering
- **Extensible Design**: Plugin architecture for custom security rules
- **Enterprise Licensing**: Dual licensing model for commercial use
- **Full CI/CD Integration**: GitHub Actions, Jenkins, Azure DevOps support
## 🚀 Quick Start
### Installation
```bash
# Install core framework
pip install pygenai-security
# Install with enterprise features
pip install "pygenai-security[enterprise]"
# Install VS Code extension
# Search "PyGenAI Security" in VS Code marketplace
```
### Basic Usage
```bash
# Scan current directory
pygenai scan .
# Comprehensive scan with HTML report
pygenai scan /path/to/project --mode thorough --format html --output report.html
# Focus on GenAI vulnerabilities only
pygenai scan src/ --genai-only --severity high
# Scan single file
pygenai scan-file app.py
```
### Python API
```python
from pygenai_security import PyGenAIScanner

# Initialize scanner
scanner = PyGenAIScanner()

# Scan directory
results = scanner.scan_directory('/path/to/project')
print(f"Found {results['summary']['total_vulnerabilities']} security issues")

# Access detailed vulnerabilities
for vuln in results['vulnerabilities']:
    print(f"- {vuln['title']} ({vuln['threat_level']})")
    print(f"  File: {vuln['file_path']}:{vuln['line_number']}")
```
## 🔍 Vulnerability Detection Capabilities
### Traditional Python Security
- **Injection Attacks**: SQL injection, command injection, XSS, LDAP injection
- **Authentication & Authorization**: Broken access control, privilege escalation
- **Cryptographic Issues**: Weak algorithms, hardcoded secrets, insecure random generation
- **Code Quality**: Path traversal, unsafe deserialization, race conditions
- **Dependency Security**: Known CVEs, license compliance, outdated packages
### GenAI/LLM Specific Security
- **Prompt Injection**: Detection of LLM prompt manipulation vulnerabilities
- **Data Leakage**: Identification of sensitive data exposure in AI contexts
- **Model Security**: Unsafe model loading, parameter manipulation, model theft
- **AI Ethics**: Bias detection, fairness analysis, discrimination patterns
- **Privacy Protection**: PII exposure in AI workflows, training data leakage
### Enterprise Compliance
- **OWASP Top 10 2023**: Complete coverage of web application security risks
- **CWE Top 25**: Most dangerous software weaknesses
- **SANS Top 25**: Critical security vulnerabilities
- **Regulatory Compliance**: GDPR, HIPAA, PCI-DSS, SOX mapping
## 📊 Advanced Features
### VS Code Integration
```json
// settings.json
{
  "pygenai-security.realTimeScanning": true,
  "pygenai-security.showInlineRemediation": true,
  "pygenai-security.genaiSecurityEnabled": true
}
```
### Configuration Management
```yaml
# pygenai-config.yaml
scanners:
  enabled:
    - traditional_python
    - genai_security
    - dependency_check

genai_security:
  prompt_injection_detection: true
  data_leakage_prevention: true
  model_security_checks: true

enterprise:
  compliance_frameworks:
    - OWASP_TOP_10
    - GDPR
    - PCI_DSS
```
### Custom Security Rules
```python
from pygenai_security import CustomRuleEngine, PyGenAIScanner


class MyCustomRule(CustomRuleEngine):
    def analyze_code(self, code_content, file_path):
        # Implement custom security logic
        vulnerabilities = []
        # ... custom analysis
        return vulnerabilities


# Register custom rule on a scanner instance
scanner = PyGenAIScanner()
scanner.add_custom_rule(MyCustomRule())
```
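A worked rule body for the skeleton above, as an added example that is not the project's own code: it flags unsafe model and data loading calls (`pickle.load`/`pickle.loads`, `torch.load` without `weights_only=True`, `yaml.load` without a safe loader) by walking the AST. The class name `UnsafeModelLoadRule`, the `"high"` threat level value and the dictionary layout (borrowed from the keys printed in the Python API section) are assumptions; the class is kept free of the `CustomRuleEngine` base so it runs without the package installed.

```python
import ast

# Constructed sample input: source text such a rule would receive.
SAMPLE = '''\
import pickle, torch, yaml
model = torch.load(path)
safe = torch.load(path, weights_only=True)
cfg = yaml.load(stream)
ok = yaml.load(stream, Loader=yaml.SafeLoader)
obj = pickle.loads(blob)
'''


def dotted_name(node):
    """Return 'pkg.func' for an attribute chain such as pkg.func, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def kwarg(call, name):
    """Return the AST node passed for keyword `name`, or None."""
    return next((k.value for k in call.keywords if k.arg == name), None)


class UnsafeModelLoadRule:
    """Hypothetical rule; inside the framework it would subclass CustomRuleEngine."""

    def analyze_code(self, code_content, file_path):
        vulnerabilities = []
        try:
            tree = ast.parse(code_content, filename=file_path)
        except SyntaxError:
            return vulnerabilities  # unparsable file: nothing to report
        for call in (n for n in ast.walk(tree) if isinstance(n, ast.Call)):
            name, title = dotted_name(call.func), None
            if name in ("pickle.load", "pickle.loads"):
                title = "pickle deserialization can execute arbitrary code"
            elif name == "torch.load":
                flag = kwarg(call, "weights_only")
                if not (isinstance(flag, ast.Constant) and flag.value is True):
                    title = "torch.load without weights_only=True"
            elif name == "yaml.load":
                loader = kwarg(call, "Loader") or (
                    call.args[1] if len(call.args) > 1 else None)
                if loader is None or "Safe" not in (dotted_name(loader) or ""):
                    title = "yaml.load without a safe Loader"
            if title:
                vulnerabilities.append({  # keys as in the Python API section
                    "title": title, "threat_level": "high",  # assumed value
                    "file_path": file_path, "line_number": call.lineno})
        return sorted(vulnerabilities, key=lambda v: v["line_number"])


def scan_sample():
    return UnsafeModelLoadRule().analyze_code(SAMPLE, "constructed_sample.py")
```

The rule matches on the literal module names, so aliased imports such as `import torch as t` or `from pickle import loads` are not caught; resolving import aliases first would close that gap.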
## 🏢 Enterprise Features
### TestSprite MCP Integration
Automated security test generation powered by AI:
```bash
# Generate security tests from vulnerabilities
pygenai generate-tests vulnerable_file.py --framework pytest
# Auto-remediation suggestions
pygenai suggest-fixes scan_results.json
```
### Advanced Analytics
Privacy-compliant usage tracking and security insights:
- **Security Posture Trends**: Track improvement over time
- **Vulnerability Hotspots**: Identify problematic code areas
- **Team Performance**: Anonymous developer productivity metrics
- **Compliance Dashboards**: Real-time regulatory compliance status
### Enterprise Licensing
- **Open Source**: MIT license for individual and small team use
- **Enterprise License**: Commercial license with advanced features, support, and SLAs
- **Custom Deployment**: On-premises and air-gapped environment support
## 📈 Performance & Scalability
### Benchmarks
- **Speed**: Scans 10,000+ Python files in under 2 minutes
- **Memory**: Efficient processing with <512MB RAM usage
- **Accuracy**: 99.2% vulnerability detection rate with <0.5% false positives
- **Coverage**: Supports Python 3.8+ and all major ML/AI frameworks
### Supported Frameworks
- **Web Frameworks**: Django, Flask, FastAPI, Tornado, Pyramid
- **AI/ML Frameworks**: OpenAI, Anthropic, HuggingFace, LangChain, LlamaIndex
- **Data Science**: Pandas, NumPy, Scikit-learn, TensorFlow, PyTorch
- **Cloud Platforms**: AWS, Azure, GCP, Kubernetes
## 🤝 Community & Contribution
### Getting Involved
- **GitHub Repository**: [RiteshGenAI/pygenai-security](https://github.com/RiteshGenAI/pygenai-security)
- **Issue Tracking**: Report bugs and request features
- **Discussions**: Join community discussions and get support
- **Contributing**: Pull requests welcome! See CONTRIBUTING.md
### Roadmap
- **Q1 2024**: Advanced GenAI security rules, IDE integrations
- **Q2 2024**: Enterprise dashboard, compliance automation
- **Q3 2024**: Cloud security scanning, container analysis
- **Q4 2024**: ML model security analysis, federated learning support
## 📚 Documentation
- **Quick Start Guide**: [docs/quickstart.md](docs/quickstart.md)
- **Configuration Reference**: [docs/configuration.md](docs/configuration.md)
- **API Documentation**: [docs/api.md](docs/api.md)
- **Enterprise Guide**: [docs/enterprise.md](docs/enterprise.md)
- **Security Best Practices**: [docs/security.md](docs/security.md)
## 📄 License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
### Commercial Use
For commercial use with enterprise features, support, and consulting, please contact us at riteshpatilgenaiofficial@gmail.com.
## 🙏 Acknowledgments
PyGenAI Security Framework is built on the shoulders of giants:
- **OWASP**: Security knowledge and best practices
- **Python Security Community**: Tools like Bandit, Safety, and Semgrep
- **AI/ML Community**: Insights into GenAI security challenges
- **Enterprise Contributors**: Feedback from production deployments
---
**🛡️ Secure your Python and AI applications today with PyGenAI Security Framework!**
For enterprise inquiries, custom deployment, or support: **riteshpatilgenaiofficial@gmail.com**
Repository: **https://github.com/RiteshGenAI/pygenai-security**
Raw data
{
"_id": null,
"home_page": "https://github.com/RiteshGenAI/pygenai-security",
"name": "pygenai-security",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "security, vulnerability, scanning, python, genai, llm, static-analysis, code-analysis, cybersecurity, devsecops, ai-security, prompt-injection, enterprise, compliance",
"author": "RiteshGenAI",
"author_email": "riteshpatilgenaiofficial@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/c7/0b/d602243e3aacb8d80a8165f8beb9fefd913c8c6c5237257db34089ac53be/pygenai_security-0.0.4.tar.gz",
"platform": "any",
"bugtrack_url": null,
"license": "MIT",
"summary": "Comprehensive Python and GenAI security scanning framework",
"version": "0.0.4",
"project_urls": {
"Bug Reports": "https://github.com/RiteshGenAI/pygenai-security/issues",
"Documentation": "https://pygenai-security.readthedocs.io/",
"Funding": "https://github.com/sponsors/RiteshGenAI",
"Homepage": "https://github.com/RiteshGenAI/pygenai-security",
"Source": "https://github.com/RiteshGenAI/pygenai-security"
},
"split_keywords": [
"security",
" vulnerability",
" scanning",
" python",
" genai",
" llm",
" static-analysis",
" code-analysis",
" cybersecurity",
" devsecops",
" ai-security",
" prompt-injection",
" enterprise",
" compliance"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "d618f30e4232fb33e417cb3cd0c5fbf3e05148e0c1db8a9bd390b835ae7da403",
"md5": "99da9104d0f01142497f61a35115ed3b",
"sha256": "5ee03fc768358077de1794b173683fa2d6020600391f6f4c02d66fb2ef6b85c5"
},
"downloads": -1,
"filename": "pygenai_security-0.0.4-py3-none-any.whl",
"has_sig": false,
"md5_digest": "99da9104d0f01142497f61a35115ed3b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 78194,
"upload_time": "2025-09-06T18:32:20",
"upload_time_iso_8601": "2025-09-06T18:32:20.058011Z",
"url": "https://files.pythonhosted.org/packages/d6/18/f30e4232fb33e417cb3cd0c5fbf3e05148e0c1db8a9bd390b835ae7da403/pygenai_security-0.0.4-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "c70bd602243e3aacb8d80a8165f8beb9fefd913c8c6c5237257db34089ac53be",
"md5": "d12f2157e03d2fa24361632496502e53",
"sha256": "6b7c8f2dc69bd2fb6cd47d7075345b4c32f069102672b970df67f38d5048aebc"
},
"downloads": -1,
"filename": "pygenai_security-0.0.4.tar.gz",
"has_sig": false,
"md5_digest": "d12f2157e03d2fa24361632496502e53",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 65204,
"upload_time": "2025-09-06T18:32:21",
"upload_time_iso_8601": "2025-09-06T18:32:21.296152Z",
"url": "https://files.pythonhosted.org/packages/c7/0b/d602243e3aacb8d80a8165f8beb9fefd913c8c6c5237257db34089ac53be/pygenai_security-0.0.4.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-09-06 18:32:21",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "RiteshGenAI",
"github_project": "pygenai-security",
"github_not_found": true,
"lcname": "pygenai-security"
}