AIvector

AI security testing framework with terminal-first execution and GitHub Pages demo shell.

Live Demo URL

• https://imharshitaa.github.io/AIvector/demo/

Setup After Git Clone

1. Clone repository:

git clone https://github.com/imharshitaa/AIvector.git
cd AIvector

2. (Optional) Create virtual environment:

python3 -m venv .venv
source .venv/bin/activate

3. Install dependencies:

pip install -r requirements.txt

4. Install global ai command:

bash scripts/install_ai_command.sh

5. If command is still not found in fish, run once:

set -U fish_user_paths ~/.local/bin $fish_user_paths

6. Verify:

ai --help

Primary command

ai run <target_url>

Example sample endpoints:

ai run https://prompt-injection-lab.vercel.app/api/chat
ai run https://api-inference.huggingface.co/models/gpt2
ai run https://aihorde.net/api/v2
ai run https://chat.openai.com/backend-api/models

Technical structure

/Users/harshitaaa/Projects/AIvector
├── ai                              # launcher for ai run <target_url>
├── main.py                         # command parser + run orchestration
├── demo/
│   ├── __init__.py
│   ├── framework.py                # case loading, stage execution, report write
│   ├── ui.py                       # terminal rendering and pre-input helper text
│   └── index.html                  # demo page served at /demo/
├── common/
│   ├── case_utils.py               # shared case helper methods
│   └── __init__.py
├── scripts/
│   ├── install_ai_command.sh       # installs ai command to ~/.local/bin
│   └── uninstall_ai_command.sh     # removes ai command from ~/.local/bin
├── <test_case_folder>/
│   ├── discovery.py
│   ├── test.py
│   └── exploit.py
├── reports/
│   ├── latest_report.json
│   └── target_history.json
├── .github/workflows/pages.yml     # GitHub Pages deployment workflow
└── index.html                      # root page linking to live demo

Runtime flow

1. Parse ai run <target_url>.
2. Print helper prelude (project, link, command, sample URLs).
3. Discover testcase folders containing all required files:
   • discovery.py
   • test.py
   • exploit.py
4. Execute each case in order:
   • discovery stage
   • test stage
   • exploit stage
5. Print per-case logs and vulnerability evidence.
6. Generate final summary and save JSON report.
7. Update historical target list of vulnerable endpoints.

Output behavior

Per case, terminal prints:

• status (PASS / VULNERABLE)
• severity
• score
• evidence
• remediation
• duration

Logs include timestamps and case id, e.g.:

[16:45:01][info][prompt_injection__system_override] discovery:start
[16:45:01][info][prompt_injection__system_override] test:start
[16:45:02][info][prompt_injection__system_override] exploit:start

GitHub Pages deployment

This repository deploys Pages from main via:

• .github/workflows/pages.yml

After each push to main, GitHub Pages publishes the demo route:

• /AIvector/demo/

Safety

Use only with explicit authorization on targets you are allowed to test.