ShakerScanRun Public DAST Preview

AI Security Risk

Detect cross-tenant RAG leakage before release.

Cross-tenant RAG leakage is a customer-trust issue. ShakerScan turns retrieval isolation checks into evidence-backed gate decisions.

Run Public DAST PreviewInstall GitHub App

Sample gate decision

block

Tenant boundary failure

A RAG response referenced a protected tenant-specific document. The decision blocks release until retrieval filters are corrected and retested.

tenant context:tenant-a canary
retrieval result:tenant-b document title
response:cross-tenant reference surfaced
policy:rag-release
evidence hash:sha256:8b7c...e21f
1

Create tenant-aware RAG tests with safe canaries and expected boundaries.

2

Probe retrieval, citation, source, and deleted-document behavior.

3

Record transcript evidence and classify leakage indicators.

4

Block or require approval when policy thresholds are crossed.

Why ShakerScan

The output is a release control, not just a report.

ShakerScan is built around release evidence: a tested target, a policy result, a verifier command, and an approval path when risk needs human review.

Signed evidence

Evidence hashes and AI Gate attestations bind the decision to the target, environment, policy, probe pack, and release scope when signing is configured.

CI-verifiable decision

GitHub Actions or the shakerscan CLI can verify that the decision matches the expected repo, commit, branch, environment, target, policy, and evidence hash.

Approval workflow

When an eligible workflow is approved, scoped approval tokens record the reason, audience, expiry, and decision path instead of bypassing the gate silently.

Checklist

Remediation checklist

Enforce tenant filters at retrieval time, not only prompt time.

Test deleted documents and stale indexes.

Use canary content to validate retrieval boundaries safely.

Retest after ingestion, embedding, chunking, and ranking changes.

Limitations

What this page does not claim

ShakerScan does not replace human security review, threat modeling, or a scoped penetration test.

AI Gate decisions depend on the configured target, probe pack, policy, scan profile, and available evidence.

Production targets require authorization, safe scope, rate limits, and operational approval.

FAQ

Is ShakerScan an AI pentesting replacement?

No. ShakerScan is a verifiable security gate for release workflows. It complements deeper manual testing by producing repeatable runtime evidence and CI-verifiable allow, block, or needs_approval decisions.

Can ShakerScan scan any target?

No. Targets must be owned by the customer or explicitly authorized. Production scans should use safe profiles, rate limits, and defined scope.