AI Scanner FAQs

Question 1

What is AI Scanner and what does it do?

Accepted Answer

AI Scanner is a security tool designed to scan codebases for the usage of LLM SDKs, AI framework integrations, and critically, to detect any exposed API tokens or sensitive keys from various LLM providers and other services. It helps ensure the security and governance of your AI projects.

Question 2

What kind of secrets and AI components can AI Scanner detect?

Accepted Answer

AI Scanner offers extensive detection for over 20 specific AI tokens (e.g., OpenAI, Anthropic, Google) and 59 generic secrets (e.g., Stripe, GitHub, database URIs). It also identifies 23+ LLM SDKs and 24+ AI frameworks, along with API endpoint URLs and model name references.

Question 3

How does AI Scanner integrate with my AI development workflow?

Accepted Answer

AI Scanner functions as an MCP (Model Context Protocol) server, enabling seamless integration with popular MCP-compatible AI clients like Claude Code, Cursor, and Windsurf. This allows AI agents to directly utilize its scanning capabilities within your existing development environment.

Question 4

Can AI Scanner help me understand my project's AI stack?

Accepted Answer

Yes, AI Scanner includes an `ai_inventory` tool that generates a comprehensive overview of your project's AI stack. It details which LLM SDKs, AI frameworks, specific models, and API endpoints are being used, without detecting secrets, providing valuable insights for project management.

Question 5

Is AI Scanner suitable for pre-commit security checks?

Accepted Answer

Absolutely. AI Scanner's `check_secrets` tool is specifically designed for quick, security-focused pass/fail scans for exposed credentials. It's perfect for integrating into pre-commit hooks to prevent sensitive data from being inadvertently pushed to your repositories.

AI Scanner

AI Scanner

주요 기능

사용 사례

주요 기능

사용 사례