Sentinel — LLM Security Assessment Platform

Total Scans

48

LLM apps analysed

↑ 12 this month

CVEs Found

347

Across all components

183 proprietary

Critical Issues

24

Requiring action now

↑ 3 since last scan

Components

2,681

Dependencies mapped

100% parse rate

Recent Scans

Last 7 days

🐟

666ghj/BettaFish

SCA · 2h ago · 63 vulnerabilities · Cached

High

🤖

LangChain-RAG-Pipeline v2.1.4

SCA + Pen Test · Yesterday · 312 components

Critical

⚡

OpenAI Agents SDK v1.2.0

SCA + Pen Test · 2 days ago · 94 components

High

🛠️

api4.ai2wj.com (Langflow)

Full Pen Test · 3 days ago · 1 Apr

Medium

🌐

AutoGPT v0.5.1

SCA · 5 days ago · 241 components

Low

Ecosystem Risk

72

Overall Risk Score

24

Critical

67

High

112

Medium

144

Low

Activity

SCA on 666ghj/BettaFish — 63 CVEs found

2 hours ago

Pen test on api4.ai2wj.com — 14 exploits confirmed

1 day ago

AutoGPT v0.5.1 — 241 components parsed, 0 false positives

5 days ago

Scan an LLM Application

Paste a repository URL or upload a project folder. Sentinel will map all components, detect CVEs, and run automated pen testing.

Application Target

Select Scan Type

🔬

SCA Scan

Map all LLM components, detect CVEs, 0% false positive

⚔️

Pen Test

Automated agentic pen testing, 660 exploitation tasks

📊

Risk Score

Component-level scoring beyond CVSS for insurance & compliance

API Keys (required for LLM Pen Test mode)

Scan History

48 total

🐟

666ghj/BettaFish

SCA · 63 vulnerabilities · 9 Apr 2026 · Cached data

High

🤖

LangChain-RAG-Pipeline v2.1.4

SCA + Pen Test · 312 components · 6 Apr 2026

Critical

🛠️

api4.ai2wj.com (Langflow)

Full Pen Test · 1 Apr 2026

Medium

86

LangChain-RAG-Pipeline v2.1.4

SCA + Pen Test · 312 components · 47 CVEs · 14 exploits confirmed

langchain-core 0.1.5 llama-index 0.9.2 transformers 4.36.0

🛡️

47

CVEs found (SCA)

⚔️

14

Exploits confirmed (Pen Test)

📦

312

Components parsed

-

Total Vulnerabilities

-

Critical

-

High

-

Medium

🏗️ Architecture Map

🛡️ Vulnerabilities

Select a cached repository to render the architecture map

Architecture Details

Click a component in the graph

← Click a component in the graph

Vulnerability List

	Component	Ecosystem	Severity / CVSS	Vulnerability ID	PoC	Summary
Select a cached repository to view vulnerabilities

▶ Live Demo

📘 Summary Report

1

Info Collection

2

Scanning

3

Weakness Gather

4

Attack Decision

5

Exploit & Execute

📋 Penetration Test Summary — api4.ai2wj.com (Langflow v1.2.0)

Target: http://43.156.238.180:7860
Mode: LLM-driven (GPT-4o + Exa + NVD)
Result: Root access confirmed via CVE-2025-57760 + CVE-2025-3248 chain
Exploits confirmed: 14 total · 2 critical chains · RCE as uid=0(root)

Full technical details available in the downloadable .docx report.

🐙

GitHub

Auto-scan on push, PR comments with CVE findings

🔧

Jira

Auto-create tickets for Critical and High CVEs

💬

Slack

Real-time notifications on scan completion

🐳

Docker Hub

Scan container images for embedded LLM dependencies

Scan Rules

Auto-scan on new dependency

Trigger SCA scan when requirements.txt changes

Block deploy on Critical CVE

Fail CI/CD pipeline if any Critical CVE detected

Non-lateral pen test mode

No lateral movement — required for government clients

Compliance Framework

Singapore CSA Framework

Map findings to CSA guidelines

OWASP LLM Top 10

Align pen test findings to OWASP taxonomy

MAS TRMG Alignment

Tag CVEs relevant to MAS guidelines