KovacsEmanuel/SecurityChecks-for-ai-Agents
Give this list to your AI agents to check your new vibe coded app
SUMMARY AI summary by gpt-5-mini
A machine-readable checklist of automated security checks for AI-powered applications, intended to be run by automated agents against source code, configs, and live services. Users: security engineers, SREs, dev teams, and automation/orchestration tools that perform pre-production hygiene scans. Key features: - ~230 checks across 15 sections (auth/session, authz, input/output, crypto, infra, supply chain, AI-specific risks, frameworks for web/desktop/mobile/backend, code review, permissions, privacy, monitoring). - Each check provides: DETECT, PASS IF, FAIL IF, CWE/REF. Detection types: GREP, FILE, HTTP, CODE. - Stack auto-detection, three execution phases (source, runtime, system), and a 9-agent orchestration plan producing a deduplicated Markdown report with CVSS and attack chains. - Includes full checklist and orchestration files. Explicit disclaimer: not a replacement for professional penetration testing.
Owner
Dates
| Created on GitHub | 2026-05-09 |
| Last push | 2026-05-09 |
| First seen here | 2026-05-09 |
| Last fetched | 2026-05-09 16:11 |