Catch what your AI assistant gets wrong — before it ships.
Leaked secrets, vulnerable dependencies, prompt injection. PreAI detects, blocks, and proves it in your editor and CI — and its own analysis runs entirely on your machine, with zero telemetry.
Works inside your editor & AI agents
AI writes code fast. It also ships risk.
Every prompt, dependency, and tool call is a way for secrets to leak or an agent to be steered. Three failure modes show up again and again.
Leaked secrets & PII
API keys, tokens, and regulated personal data get pasted into prompts, committed to repos, and fed into an assistant's context window — where you can't get them back.
Vulnerable & poisoned deps
Assistants confidently suggest packages — including known-vulnerable versions, typosquats, and hallucinated names that attackers register to ship you malware.
Hijacked AI agents
Prompt injection hidden in a README, a poisoned MCP tool, or an over-permissioned agent can turn your helper into the attacker — reading files and running commands you never approved.
Detect, prevent, govern, and prove — locally
PreAI rolls four classes of security control into one editor extension, reusing the same engine end to end. No SaaS backend, no data egress.
Detect
Real-time scanning as you type.
- Secrets & credentials
- Regulated PII (incl. India: Aadhaar, PAN, GSTIN)
- Malicious & insecure-code patterns
- SCA across 11 ecosystems
Prevent
Guard blocks risky actions before they run.
- Allow / ask / redact / deny per action
- Claude Code, Cursor, Windsurf, Antigravity
- MCP gateway covers Copilot
- Observe → ask → enforce modes
Govern
See and control your AI exposure.
- Which AI tools can read your secrets
- MCP tool-poisoning & rug-pull detection
- Untrusted model-file (pickle) scanning
- Data-residency / egress classification
Prove
Audit-grade evidence on demand.
- CycloneDX SBOM + SARIF export
- OWASP LLM & MITRE ATLAS tagging
- CI/CD PR gate (Team)
- Centralized audit log (Team)
PreAI never sends your code anywhere.
Cloud-based AI-security tools scan your code by sending it, your dependencies, and the findings to their servers. PreAI does its analysis entirely on-device and transmits nothing — so regulated, IP-sensitive, and air-gapped teams can finally use it. Your AI assistant may still send code to its own cloud; PreAI is the tool that shows you what it's exposing — and can redact or block it.
Deeper coverage, without the cloud
How PreAI compares to a typical cloud-based AI-security tool.
| Capability | PreAI | Typical cloud tool |
|---|---|---|
| Your code & findings stay on your machine | Always local · zero telemetry | Uploaded to vendor servers |
| Prompt-injection detection (direct + indirect) | Evasion-resistant, every agent-readable surface | Basic, if any |
| Pre-execution blocking of agent actions | 5 hosts + MCP gateway | Often detect-only |
| MCP security — tool-poisoning + rug-pull/drift | Yes, baselined | Rarely |
| AI exposure & shadow-AI governance | Sees which tools reach your secrets | No |
| Dependency SCA — 11 ecosystems + reachability | Yes | Limited |
| Untrusted model-file (pickle) scanning | Yes | Rarely |
| Regulated PII incl. India (Aadhaar/PAN/GSTIN) | First-class | Rarely |
| Compliance evidence — SBOM, SARIF, OWASP/ATLAS tags | Built in | Sometimes |
| Hallucinated-package (slopsquat) detection | Yes | Rarely |
| Air-gapped / self-hosted + offline license | Yes | No |
| Zero runtime dependencies (minimal attack surface) | Yes | Varies |
Compared with typical cloud-based AI-security tools; specific capabilities vary by vendor.
Security you can audit, not just install
An open core, an explicit zero-egress contract, and detection mapped to the standards your auditors already use.
- package ecosystems / 18 lockfile formats
- bytes of telemetry or runtime dependencies
- every finding tagged to the standards
- signed threat-intel feed, verified fail-closed
Ship AI-assisted code without shipping the risk.
Start a 14-day free trial, or pick the plan that fits your team. Your code stays yours.