Welcome to TrustChainAI
TrustChainAI secures LLM applications from code to attack surface. Pick a product below to start.
SCA Scan
Software Composition Analysis
Scan LLM-application dependencies for known CVEs across PyPI, npm, and TrustChainAI’s proprietary library. Get a deterministic component-level risk score and an audit-ready SBOM on every run.
- Proprietary CVE DB (183) + NVD + OSV / GitHub Advisory
- Deterministic per-component risk scoring
- SBOM export (CycloneDX / SPDX)
- 0% false-positive ratei
48
Projects
2,681
Components
347
CVEs detected
Pen Test
LLM-driven Automated Penetration Testing
An agentic five-stage LLM pipeline performs reconnaissance, gathers weaknesses, plans attacks, and confirms exploits on your live application — non-lateral, with zero collateral impact.
- 5-stage LLM agent pipeline (Info → Exploit)
- Live reasoning stream & exploit proof-of-concept
- Non-lateral · zero collateral impact
- Bring your own LLM (Claude, GPT-4o, Llama)
12
Tests run
14
Exploits confirmed
330
Tasks / run
Ecosystem Risk
across all projects72
Overall Risk Score
24
Critical
67
High
112
Medium
144
Low
Scan Rules
live policy
Loading scan rules…
Recent Activity
last 7 daysCritical CVE in langchain-core 0.1.5 — CVE-2024-3095 (CVSS 9.1)
2 hours ago
Pen test on api4.ai2wj.com — 14 exploits confirmed
1 day ago
New proprietary CVE added — LlamaIndex injection vector
2 days ago
AutoGPT v0.5.1 — 241 components parsed
5 days ago