I built PromptSonar because I kept seeing LLM security
discussions focus entirely on runtime interception — but
nobody was scanning the prompt strings written directly
into source code before they ship.
PromptSonar is a static analyzer that scans your codebase
for prompt injection, jailbreaks, PII leaks, and privilege
escalation patterns in LLM prompt strings. It works across
TypeScript, JavaScript, Python, Go, Rust, Java, and C#.
What it catches:
- Direct prompt injection and jailbreak patterns
- Unicode evasion: Cyrillic homoglyphs, zero-width character
injection, Base64-encoded jailbreaks
- PII exposure in prompts (SSN, credit card, API keys)
- Privilege escalation and role manipulation
- RAG poisoning patterns
- Insecure output handling
Maps findings to OWASP LLM Top 10. Outputs SARIF v2.1.0
for GitHub Code Scanning integration. 100% local,
zero telemetry, no API calls.
Available as VS Code extension, CLI, and GitHub Action.
PromptSonar is a static analyzer that scans your codebase for prompt injection, jailbreaks, PII leaks, and privilege escalation patterns in LLM prompt strings. It works across TypeScript, JavaScript, Python, Go, Rust, Java, and C#.
What it catches: - Direct prompt injection and jailbreak patterns - Unicode evasion: Cyrillic homoglyphs, zero-width character injection, Base64-encoded jailbreaks - PII exposure in prompts (SSN, credit card, API keys) - Privilege escalation and role manipulation - RAG poisoning patterns - Insecure output handling
Maps findings to OWASP LLM Top 10. Outputs SARIF v2.1.0 for GitHub Code Scanning integration. 100% local, zero telemetry, no API calls.
Available as VS Code extension, CLI, and GitHub Action.
npx @promptsonar/cli scan ./src
I wrote up the Unicode evasion detection methodology separately if anyone is interested in how the normalization pipeline works: https://medium.com/@meghal86/detecting-unicode-homoglyph-and...