# 🚀 Launch: AI-SPM — Runtime Security for AI Systems (Demo Inside)

[dshapi]

I’ve been working on a project around something that kept bothering me while building LLM systems in production:

We trust AI too much at runtime.

So I built AI-SPM (AI Security Posture Management) — a system that treats the LLM as untrusted and enforces security controls during execution.

---

🎥 Demo (Attack → Detection → Decision → Trace)

👉 https://www.youtube.com/watch?v=OucfJ6_wcTM

This shows:

• a real attack (prompt injection / misuse)
• how it’s intercepted
• policy enforcement (block / allow)
• full decision trace in the UI

---

🧠 What This Is

Instead of relying only on:

• prompt engineering
• static guardrails
• logging after the fact

AI-SPM introduces runtime enforcement:

• 🔍 Input inspection (prompt + context)
• 🛡️ Policy engine (structured decisions)
• 🔧 Tool control (no free-form execution)
• 📊 Decision trace (full explainability)
• 📡 Real-time event pipeline

Think:

Zero-trust architecture, but for AI agents

---

🧪 How I Tested It

Using tools like Garak (LLM red-teaming), I simulated:

• prompt injection attacks
• tool misuse
• data exfiltration patterns

The system:

• intercepts the request
• evaluates policies
• enforces a decision
• records a full trace

---

🤔 What I’m Curious About

I’d really love input from this community:

• What attack would you try first?
• Where do you think this approach breaks?
• Is runtime enforcement the right layer for AI security?

---

🧩 Want to Contribute?

Repo: https://github.com/dshapi/AI-SPM

Good places to start:

• exposing attack traces (Garak logs)
• improving policy explanations
• strengthening detection logic
• UI improvements (trace, simulation, insights)

If you’re interested:

just comment “I’ll take this” on an issue and I’ll help you get started

---

🧨 Challenge

Try to break it.

If you manage to:

• bypass detection
• trigger unintended behavior

Open an issue — I’ll add your attack to the test suite (and credit you).

---

💡 Why This Matters

AI systems are becoming:

• more autonomous
• more connected to real data
• more capable of taking actions

Which means:

Security has to move from “model-level” → “runtime-level”

---

Happy to answer anything — architecture, tradeoffs, or how it’s built.

Would love your feedback 🙏

[dshapi]

If helpful, I can walk through a specific attack from the demo step-by-step (what the model sees → what gets blocked → why).

Just tell me which scenario you want to dig into.