Docs · the whole suite, end to end

Five products. One principle: only flag what's confirmable.

Lictor is an AI-security suite that meets your app at every layer it can be watched honestly: at runtime while the model is answering, in the browser against a live deployment, over time on a dashboard, across the internet as a continuous scanner, and in your editor as a local audit. Same rule everywhere: observe, confirm, then report. Nothing attacks a live system; nothing leaves your machine unless you choose to publish it.

The skill suite is open source, Apache 2.0, no telemetry: github.com/Raffa-jarrl/Lictor-AI. The rest runs on Lictor’s hosted platform.

Jump to a product → See the 48 checks →

The map

Where each product sits

Pick by where the risk lives. Guardian gathers your findings over time; Patrol is the internet-scale scanner behind the in-the-wild disclosures; the CLI is the pre-release audit you run before you ship.

Lictor Guardian

Hosted dashboard and incident timeline. Aggregates findings over time. hosted platform

Lictor Patrol

Continuous internet-scale scanner. Passive recon plus a precision-gated active tier. verify-gated

The skill suite

The 48-check pre-release audit, plus explain, fix-it and rotate. open source · 100% local

Hosted dashboard · Lictor Guardian

The findings, gathered over time

Each check tells you about a moment. Guardian is the place those moments add up. It's a hosted dashboard and incident timeline that aggregates findings over time, so you can see whether a problem is new, recurring, or finally resolved, and tell that story to the people who ask. It is the dashboard behind the hosted business plans.

Incident timeline

Findings laid out in order: when each first appeared, when it changed, when it cleared.

Aggregated over time

One view across runs and sources, so a recurring issue reads as a pattern, not a surprise.

Part of the hosted plans

Guardian comes with Patrol monitoring on the business plans, from $49/mo.

Continuous scanner · Lictor Patrol

The engine behind the in-the-wild disclosures

Patrol is the internet-scale scanner pillar. It starts with passive recon (what's already public, gathered without touching the target) and adds a precision-gated active tier that confirms a narrow set of high-signal exposures. Every finding, passive or active, passes through a central verify gate before it is ever reported. Until a human confirms it, a finding is SUSPECTED, never asserted. Disclosure is ethical and observe-only: Patrol looks, it does not break in.

The precision-gated active tier

These are the exposures the active tier confirms: each one observable from the outside, none requiring an attack.

CRITICAL

Exposed configs

Config files a deployment serves to the open internet.

CRITICAL

Open buckets

World-readable object storage with contents anyone can list.

HIGH

CORS

Cross-origin policies loose enough to leak authenticated responses.

HIGH

Subdomain takeovers

Dangling DNS pointed at a service that can be claimed.

CRITICAL

Leaked keys

Live credentials exposed in public surfaces, confirmed before report.

VERIFY GATE

SUSPECTED until verified

Nothing is reported as fact until a human clears the central verify gate.

The verify gate exists for the same reason as the audit's guards. See how Patrol decides "reachable" is not "exploitable".

Local audit · the skill suite · open source

The pre-release audit, in your editor

Four slash commands, all 100% local: no token, no signup, no telemetry. They read your code and explain what they find in plain English. The headline command is the 48-check audit documented in full on the coverage page.

/lictor-security-check

The 48-check pre-release audit. Detects the stack, runs every applicable check, writes a plain-English SECURITY-AUDIT.md.

/lictor-explain

Takes any finding or jargon-heavy warning and rewrites it as something a non-technical founder can act on.

/lictor-fix-it

Walks the findings one at a time, shows the proposed change, and applies it only with your explicit OK.

/lictor-rotate

Step-by-step, provider-specific rotation of a leaked key: the exact URL, the exact button, and how to confirm it worked.

Install and usage

# install once, inside Claude Code
/plugin marketplace add Raffa-jarrl/Lictor-AI
/plugin install lictor-security-suite@lictor-ai

# run the full 48-check audit on the current project
/lictor-security-check

# confused by a finding? get it in plain English
/lictor-explain

# apply the fixes, one at a time, with your approval
/lictor-fix-it

# a key leaked? rotate it, provider by provider
/lictor-rotate

Full check list with OWASP / CWE mappings: the 48 checks →

Honest boundaries

One rule across all of them

Every product only reports what it can confirm by reading code or observing what's already public, never by attacking a live system. Patrol holds findings at SUSPECTED until a human verifies them; the CLI runs entirely on your machine. A scanner that cries wolf is worse than none, so the same evidence bar runs through all of it. Here are the false positives we filter.

The audit is open-source. Apache 2.0. No telemetry.

Read the skill suite before you trust it, install it with two commands in Claude Code, and run the audit on your own machine. When your app starts handling real users, the hosted plans take over the watching.

See the 48 checks → Install the skill suite →