Skip to content
LLM Armor

LLM Armor

Find LLM security vulnerabilities before attackers do. Open-source static analysis scanner covering 7 of 10 OWASP LLM Top 10 risks.
Get Started View on GitHub

What it detects

Section titled “What it detects”

Prompt Injection

Detects f-string, .format(), %-formatting, and concatenation injection vectors with AST taint tracking.

Sensitive Info Disclosure

Finds leaked API keys (OpenAI, Anthropic, Google, HuggingFace) across all file types.

Excessive Agency

Flags wildcard tool access, dangerous tool classes, disabled approval gates, and dynamic dispatch.

Unbounded Consumption

Catches LLM API calls missing max_tokens limits.

Install in 10 seconds

Section titled “Install in 10 seconds”
Terminal window
pip install llmarmor
llmarmor scan ./your-app/