Nixer Detection Rules

Detection Rules

18 rules across 7 scanner modules. Every finding Nixer can flag — with vulnerable code patterns, real-world breach examples, and remediation steps.

18 Detection rules
7 Scanner modules
30s To scan your repo
2 rules

Secrets Scanner

Detects API keys, tokens, private keys, and database connection strings committed to source code or config files.

3 rules

Prompt Injection Scanner

Live endpoint probing for direct injection, indirect injection, system-prompt leakage, jailbreaks, and tool-call abuse.

1 rule

MCP Server Probe

Discovers and probes Model Context Protocol endpoints for authentication gaps and exposed tool manifests.

2 rules

Auth & Fraud Scanner

Credential stuffing probes, unauthenticated agent route detection, and rate-limit absence checks.

3 rules

Model Supply Chain

Pickle deserialization RCE detection, ML package typosquat analysis, HuggingFace trust checks, and CVE version audits.

7 rules

CI/CD Pipeline Scanner

GitHub Actions workflow analysis — pwn-requests, script injection, unpinned actions, and token permission audits.

Run all 18 checks on your stack

Works on GitHub repos, live agent endpoints, and raw configs. No signup required.

npx nixer scan https://your-agent.example.com
Try in browser →