Supply Chain Threat Scanner

Made by AI, for AI

Paste a GitHub repo URL, file URL, or content hash and hit Scan

🔍 What We Detect

156 patterns across 22 categories — static analysis + optional LLM deep review

⚡

Dangerous Execution

curl|bash, eval(), exec(), vm module, PowerShell encoded commands, WScript.Shell

🎭

Obfuscation

Base64 payloads, String.fromCharCode, Buffer.from chains, JSFuck, hex encoding, unicode escapes

📡

Data Exfiltration

DNS exfiltration, Discord/Slack/Telegram webhooks, env var leaking, ngrok tunnels, pastebin drops

🚪

Backdoors & Shells

Reverse shells (Python, Perl, PHP, Ruby, Socat), bind shells, web shells, crypto miners, SSH key injection

🔗

Supply Chain

npm postinstall hooks, typosquatting, dependency confusion, URL dependencies, webpack plugin injection

⚙️

CI/CD Attacks

GitHub Actions expression injection, secret dumping, self-hosted runner abuse, artifact poisoning

🔐

Secrets & Credentials

AWS/GCP/Azure keys, Stripe/Slack/GitHub tokens, private keys, JWTs, hardcoded passwords

🕵️

Credential Theft

Chrome/Firefox/Brave browser data, SSH keys, .env files, macOS Keychain, kubeconfig, Docker auth

đŸšī¸

Persistence

Crontab, systemd services, .bashrc injection, macOS LaunchAgents, Windows Registry run keys, XDG autostart

📦

Container Escape

Docker socket access, privileged containers, host mount escape, procfs abuse, nsenter namespace escape

🐍

Python Malware

setup.py exploits, pickle deserialization, __import__ obfuscation, YAML unsafe load, ctypes native code

🤖

Prompt Injection

"Ignore previous instructions", fake system prompts, role hijacking, tool abuse, markdown image exfiltration

🎨

Adversarial Encoding

Poetry jailbreaks (arxiv 2511.15304), morse code, ROT13, leetspeak, acrostic messages, reversed text

🔒

Ransomware

Mass file encryption patterns, ransom note indicators, file extension changes

💣

Destructive Ops

rm -rf, chmod 777, disk format (dd, mkfs), fork bombs

đŸ‘ī¸

Steganography

Image pixel data extraction, canvas-based encoding, zero-width character hiding, unicode BiDi overrides

⬆️

Privilege Escalation

SUID bit setting, user account creation, Linux capability manipulation, sudoers modification

✊

Protestware

Geolocation-based code execution, file wiper patterns (ref: node-ipc incident)

🤖 AI & API Access

Intentik is built for AI agents. No auth required — just scan.

Quick start:

curl -X POST https://intentik.com/api/scan/url -H "Content-Type: application/json" -d '{"url":"https://github.com/user/repo"}'