/

Policy Coverage

94%

Risk Score

23%

Model Drift

67%

Audit Readiness

88%

Loading editor…
[12:41:02] policy-engine: BLOCKED inference — PII-001 triggered

[12:41:01] scanner: Analyzing 2,847 token stream...

[12:40:58] drift-monitor: Embedding cosine delta 0.034 (threshold 0.03)

[12:40:45] compliance: SOC2 evidence pack queued for export

[12:40:12] gateway: Rate limit applied to swarm-7 (RATE-003)
AI Reviewer
3 findings

Rotate the exposed key immediately. Load secrets from a vault (HashiCorp Vault, AWS Secrets Manager) at runtime.

Full corrected code

# Never commit real secrets
NEXUS_API_KEY=${process.env.NEXUS_API_KEY}
MODEL_ENDPOINT=https://api.internal/v1

Diff patch

- NEXUS_API_KEY=sk-replace-me-in-vault
+ NEXUS_API_KEY=${process.env.NEXUS_API_KEY}

Explainability

Hardcoded API key in prompt path

Leaving your house key under the doormat — anyone who finds the mat owns your home.

CWE-798